Mac Classic
Advisory Title: Intego VirusBarrier X4 definition bypass exploit
Release Date: 2006 November 8
Affected Products: Intego VirusBarrier X4
Severity: Moderate
Where: Local System
Author: Kevin Finisterre
Fix: Bug Fixed Starting with 2006/11/01 Vdef files
Exploit: pwntego.tar.gz
Kevin Finisterre, a security researcher with digitalmunition.com has discovered and demonstrated a flaw in Intego VirusBarrier X4, an antivirus program for Macintosh computers. The “pwntego” exploit show how systems running Intego VirusBarrier X4 can lose their protection. Kevin discovered that the program suffered from a flaw related to the number of alerts it can process simultaneously.
Kevin saw that if an attacker is …
November 11, 2006 •
8 min read
Mac Classic
Information
Tresor is a file encryption tool for the Macintosh. It is simple to use, fast, and offers very high cryptographic security. It is available in native versions for 68k Macs and PowerMacs as well as in a FAT version and requires MacOS 7.0 minimum. Tresor is shareware. The registration fee is 20 Euro.
Tresor encrypts any file using the IDEA block encryption algorithm. Encryption uses self-selected passwords. For decryption, the same password that was used for encryption will be needed again.
IDEA (International Data Encryption Algorithm) uses data blocks of 64 bits …
December 8, 2002 •
2 min read
Mac Classic
Keys Off is now at version 1.3.2, now fully compatible with MacOS 9 and includes version 1.5 of the BlackWatch screen saver.
Information
Blue Globe Software has been producing high quality shareware since 1991, and they expect to continue this trend for a long time to come. They have updated and patched previous versions of Keys Off to keep it up to date. Their Software has many features you can not find anywhere else for a very low price.
DOWNLOAD Shareware Version
You can use Keys Off by Shareware, to download version 1.3.2 click …
November 11, 2002 •
3 min read
Mac Classic
MAC OS X Security to the general Macintosh user has never been much of an issue. Turn it on, use it, turn it off when you’re done. And even if you’ve got a DSL or other dedicated line, warnings related to hack attempts on open and dedicated networks lines never seemed to instill fear in a Mac user. Sure there are products like Norton Personal Firewall or NetBarrier 2.0, but these are for professionals right? Well, not really. But the truth is, for the general Macintosh user, the chances of …
June 5, 2002 •
7 min read
Mac Classic
This is one section of an overall document. The overall publication covers the setup of a Mac OS X Server. This part is being made public to help others secure their machines.
This document outlines some security measures for the Mac OS X Server 1.0 – 1.2 platform. While Mac OS X Server (OSXS) is a fairly secure environment out of the box, these basic measures help create a more secure computing environment. They should be taken by all personnel running a Mac OSXS on the WSU campus network.
The measures outlined …
June 2, 2002 •
11 min read
Mac Classic
Published: 5.07.2002
Fixed: Mac OS X 10.1.4
Effected OS:
Mac OS X 10.1.3 and prior)
Information
The problems lies within the file /usr/sbin/sliplogin (sliplogin) bundled with versions of Mac OS X prior to 10.1.4 due to the permissions defined and a buffer overflow. The system can be taken control of if a non-administrative user were to overflow the program giving them permissions as a root user. This issue has been taken care of in 10.1.4 system security update, if you have not yet updated do so now.
A unix styled exploit for the Macintosh! This is …
May 7, 2002 •
2 min read
Mac Classic
Today it was discovered in Mac OS X 10.1.4 (Not tested with prior versions yet) with multiple users
I have stumbled across a rather large security hole when AppleSharing between a Mac OS 9.2.2 box and a Mac OS X box running v.10.1.4.
If a Mac OS X 10.1.4 box contains multiple user or administrator accounts, their home directories as well as access to some shared folders with permissions for only one specific account can be broken into via AppleShare.
The trick is simple. This can be done on any administrator account on …
May 4, 2002 •
2 min read
Mac Classic
Information
SubRosa Vol 1-File Utilities is SubRosaSoft.com Ltd’s first line of privacy products which help Macintosh users secure themselves and their personal data. The suite of software to protect your files consist of the following; file and folder encryption, multi-pass shredder, and free decryptor. Each one of these programs make it easy enough for any Mac user to enforse digital security on the personal data that is stored on the computer.
SubRosa Encryptor
The SubRosa Encryptor allows you to take files or folders and convert them into a encrypted archive that you can …
May 1, 2002 •
4 min read
Mac Classic
Fixes
To fix Internet Explorer:
This is done by updating through the Software Update Pane/Control Panel.
Patch Microsoft Office Products: Patch is Here
More Information:Security Alert
Vulnerability: Run code attacker wants.
Severity Level: Microsoft suggests Critical
Affected Software:
Microsoft Internet Explorer 5.1 for Macintosh OS X
Microsoft Internet Explorer 5.1 for Macintosh OS 8 & 9
Microsoft Outlook Express 5.0.-5.0.3 for Macintosh
Microsoft Entourage v. X for Macintosh
Microsoft Entourage 2001 for Macintosh
Microsoft PowerPoint v. X for Macintosh
Microsoft PowerPoint 2001 for Macintosh
Microsoft PowerPoint 98 for Macintosh
Microsoft Excel v. X for Macintosh
Microsoft Excel …
April 9, 2002 •
4 min read
Mac Classic
Macs are Vulnerable, too
Due to the potential vulnerabilities of Mac OS X, Macintosh computer systems are more susceptible to security breaches and threats than ever before. Many Mac users falsely believe that they are immune to virus and hacker attacks. It’s true that Macs are generally affected less by intrusions than PCs, but that’s only because Macintosh makes up such a small percentage of the market. In reality, with the growing number of viruses in existence and the increasing number of hackers on the Internet, there isn’t a computer in …
April 6, 2002 •
5 min read
Mac Classic
PRODUCT: Macintosh Hacker’s Workshop (MHW) v1.1
Review by: James M. Buehring
RATING: 4.5 / 5
THE PRODUCT & DEVELOPER:
MWH, or “Macintosh Hackers Workshop” is the first of (hopefully) a long line of products from a security expert team from France named CODE511. The author, grungie, offers up the only graphical UNIX password cracker for OS X to date.
This is not a program for your novice user who is unfamiliar with password files or DES encryption. If “DES” and “passwd” draw a blank for you, skip over this product.
For those of you who could …
December 11, 2001 •
3 min read
Mac Classic
Sneak Preview of MacAnalysis for Mac OS X
“Exclusive Previews of MacAnalysis X!”
Lagoon Software’s MacAnalysis has become a manditory program for Macintosh users trying to secure their systems. MacAnalyis is a security auditing suite that runs on your Macintosh, test the security of a local or remote computer system.Read about MacAnalysis @ this SecureMac.com review
After many weeks of programming they are almost ready to start distribution of their Mac OS X version. SecureMac.com was given the program to take a look at – the program follows the same style setup from …
December 2, 2001 •
2 min read