The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Secunia Reports Mac OS X FTP Vulnerability

Secunia Reports Mac OS X FTP Vulnerability

by , 12:40 PM EST, December 5th, 2006

The security firm Secunia is reporting that it has uncovered a buffer overflow vulnerability in Mac OS X's ftpd function. The report states that if a system is compromised with this exploit, an attacker could potentially execute arbitrary code on the machine or launch a denial of service attack.

The vulnerability affects Mac OS X 10.3.9 and 10.4.8, but other version of the operating system may be vulnerable, too.

The FTP sharing service built into Mac OS X is disabled by default. If you aren't sure if it is running on your Mac, here's how to check:

  • Go to Apple menu > System Preferences to launch System Preferences.
  • Select the Sharing Preference Pane.

  • Disable FTP Access.
  • Click the Services tab.
  • Make sure that FTP Access is unchecked.

This potential exploit assumes that your Mac is visible to other computers on your network, or on the Internet. If you use a properly configured firewall to block your visibility on the Internet, it's unlikely that anyone outside of your local network will be able to find your Mac to attempt an attack.

There are no known reports of this exploit being used.

Digg!

Recent TMO Headlines - Updated January 26th

Tue, 3:53 PM
Apple Safety Guide: What You Need to Know About Device Access
Tue, 3:35 PM
ProtonMail 1.15.11 Update Fixes Bugs With Push Notifications
Tue, 3:26 PM
'Succession' Actor Dagmara Dominczyk Joining Billy Crudup in 'Hello Tomorrow' on Apple TV+
Tue, 2:48 PM
Dissecting the Scene Explainer From 'Servant' Season Three Premiere Episode
Tue, 2:12 PM
Mac Accessory Picks – TMO Daily Observations 2022-01-25
Tue, 2:08 PM
How to Rearrange Your Home Screens on iOS and iPadOS
Tue, 2:06 PM
A Crypto Wallet Crack Recovered $2 Million in Tokens
Tue, 1:37 PM
Australian Defamation Verdict Causes Google to Cry Censorship
Tue, 11:02 AM
These Upcycled iPhone Cases From CASETiFY Now Include MagSafe
Tue, 10:45 AM
Dutch Antitrust Regulator Begins Issuing Weekly Fines Against Apple in Dating Apps Row
Tue, 10:36 AM
This Decentralized Messenger Claims to be Quantum-Resistant
Tue, 9:37 AM
Apple Releases iPhone Macro Challenge for iPhone 13 Pro Users
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Daily Observations
  • TMO on Twitter!