|
|
|
Month of Kernel Bugs Launches with Apple Wi-Fi Exploit
By: Ryan Naraine
2006-11-01
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Metasploit founder HD Moore releases an exploit for an unpatched vulnerability in the Apple Airport driver. The exploit is the first in a planned month-long release of kernel-level bugs.Metasploit founder HD Moore has released an exploit for an unpatched vulnerability in the Apple Airport driver that ships with some PowerBook and iMac computers.
The exploit kicks off a new project called Month of Kernel Bugs and follows a heated debate over the existence of 802.11 (Wi-Fi) flaws affecting Apple Computers Mac OS X systems.
In an e-mail exchange with eWEEK, Moore said the exploit is not related to the Wi-Fi driver flaws discovered and discussed in Aug. 2006 by researchers David Maynor and Jon "Johnny Cache" Ellch at the Black Hat Briefings.
"This exploit is one I found over the weekend, using the new 802.11 fuzzer modules in the Metasploit Framework," Moore said, referring to a new version of the point-and-click hacking tool that will ship with Wi-Fi exploits.
Moores exploit, available here, targets a remote memory corruption flaw that affects the Apple Airport driver provided with Orinoco-based Airport cards (1999-2003 PowerBooks and iMacs).
 For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.
When the driver is placed into active scanning mode, Moor found, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution.
"This bug is definitely not patched, but it only affects Apple users who have the original Airport cards [the rebranded Orinoco]. I have no idea if this also affects Windows users of the Orinoco hardware," Moore said. He said the proof-of-concept code can be tweaked by others to find other potential attack vectors.
Moore, who is collaborating with Ellch on Wi-Fi flaw research, named the exploit after Daring Fireball, a Mac blogger who doubted the Black Hat findings and issued a public challenge to Ellch and Maynor. "Normally I wouldnt sink to this level but, damn it, its funny," Moore said of his taunt to Daring Fireball.
The Month of Kernel Bugs project, the brainchild of a hacker called "L.M.H.," intends to release information about kernel-level bugs, hacks and tricks throughout the month of November. The idea is to expose tools and procedures useful for testing the strength and quality of kernel code in Mac OS X, FreeBSD, Solaris, GNU/Linux and Windows.
L.M.H., like Moore, is using fuzzers, or fuzz-testing tools, to find kernel-level bugs. Fuzzers are used to send random input to an application, forcing a crash or server error that could highlight the existence of a security flaw.
Metasploits Moore plans to release new fuzzer modules to help security researchers test for Wi-Fi driver flaws.
"I picked up USB Wi-Fi adapters from six different vendors yesterday. It should be a busy week," Moore said.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}ks㶲*�Q3CO#ʶ<։mXq&U*$�CR8'['7n7�$?&q2D
th4��y$sW7-gL.\sfS;uA@
Y>%w>{�'(+o��1m�n�f](� _h���oL|N�შ���:#:D�.Pk< �Z5�7�54o/ne0S�-ڎIQ>)V�N�մH�>شQ�$�)q@�ˡh]
](
Ѽ/$pm<$Q}# Q�T6^:�6
�ȅC�z$nRvn7o\ 205I2�#[��dTZ��ӡk��u8r�
�08juj=nfO-�n@w�(\'p}j� F1 9�, \�ZIa^_y�
yN
�<:t^䖡�_ֽyo@סn}w�do&a-vQKw TmO |lM=P�~ %�DhOG�@uh3�2n�
eþ=Je_+aV+Cxxo9{�ؖ3bTzEÝ5�훟+UU�ew9*��C[wn�uP\ti\v?
�9N���|'�oL�V)��UjT:( Ԙ8r�g`�rM7Jq߸p~y)ڡVR]F[V@a`%�pfQUe�>Oe}}uI}|vti"|c)̠j�PEf�+%�2h\uܜ<]st.O7=rڽ&'Ov�Y; �i
Og�fV�\vO^/SQ?�&�:aZ+}I-Gf{|&�xt9&�IoJDz|?!/ !}_w��nr@
i/�],/�KŗG)LY4C�� ! ,�2ɔS�Hu��t:��9AcI>oU:_&T7oh�2��4 �f]p��a4F�ALt�&�h�)5?�&b.L2<|)=mZW/��(AK/�
ڊ�5z>�]Q4{3B�ɝ`g@ɋ �BD4?CzC���0!pl/ݜ�~���L.�Qwڢ9Q[�k�\M흙ǘ�\z댛Vu.~hz�mxD18�,0]ev|`\�77�Zu?1�k_@r�/*r[�h ��2ud8��1nґ>â�x_ �
tSOC|>56㤞F!|Бd��mxq=Z.3+ԍE��Xn`Nt��ha�^i1[ <ۋJ!pI�x�ZS�x�&ztmP`�~�5$ǎ�@ �L��s'08�ɝ�5��E0%ݻCi�`y1�&=��զA�{ �Tgg ,z���C��
���/�lmNl}h`1 >5g�%G�@i0x�zOD�ȧ��H.B$(ZȻ�"�!A�ly���[$t X�V0(VF쎄J9m�W*lJe sw�JKvn2�V�{T�Kh!+�K@fsfd(4{~4�cbB�|#'f�Xr`Y
�\d+|�h)lb
Ԩ˶V-iDi$P^Cs�2 =cWVk�EU}`H�LMqGr`!�g�g30p#q"O(1�?�2,Xh�l:Z5ESwĽ'0L4_az�`�@�&=2��ٚM�>�BӽB11
�}wʠ:�'���E_
�-ý-'��.DSQz�ZҳsM�wӿi
��_*�gYA�3�'|$@]<>+WePÃ"`"+42[��E̞�v(�g;,NrBuOSj,, H@,gmdz?;V@q)2Sf�4�),4BtO�ݡ~�u_�r4-%ւfk{ց$l�*=°ε�Z)���![p5|a2�F]��RYBKHDl�Hfc/XKKe�zlӇ8&E6LG%E�@n�=�ȢfmD
jrIj��#SLodVhV;Դj\.gy�-lD0(2n( 鿛R&a+B֨
OaOc�i6�EGn&z�ϐt��f>�OH)
z�7HpBa e�-֓BS몶dg`m1Jx>x#�d\4�6L XbOF�2躢��ű<��bj\X,��~�)©5r1|��jj�0!B,V�ũ��(j^;��V�4:E�80��eCf+[ꯦ��T+�pzۻ(�Sg&�;Ql�˘@/-�#���1$6/Pk�
.a@C��%)& c^a\FB�k��
ZCbP&ܔwц.�[�XR]OXL��+*�9G�qϟ��
sFWyQFfYa0K�ykR^K'VUJj5x�]��*(Si��� �7Sc`9g?7�_�u�>tɕK-ޫp c.Z$ c?`W��.�_��k�W�rB�[��'��ʂX
�hO7`sk'(��k�=0E��CV8!��H�*�7hVІ{e�gjړt_KtwT �|qCJhB�"0�u/eۏTu)U,jl�T�`Z��:�-,�H+���
�c44}�
��:*zIe߯Y+�t
m(5#���#2!qg��rh)h'j*�W�vO�Jh#VX[#WX�
tV ЛiQ~g�V �׆'y�ϤM͋hR|5y�,�>�s)7hoj)OP?�(5
��|�%`�y3GGu�"�M."�́,08h#2"�=%�?�^\7aO�n[JEVK`uցDZ%y�9HǞ1�]�]2�Yޘzֱ4�>�ʀkӘG�2cdY��hV�z\ �g2|�]��>�/��i�)Ձ",߸X̡֪��~h�JJ]��aQn6=IT\S=@Q�>}ݤ1p�
NU< {H}Z2ZRܴ�JZVz7O
C.'%-&�v�eN�6q%a?ͥg?ckD?"�B��5`Jܥ�@v^�Iў@>
Bb2�Q{lJ�w\A8fS�qlyV:p]v3M�>ҁ�h
0~aMٸU
V|�eZ]J֟D'�vu(�|�cK
�uṚo{{+7�÷ �G�L)߭~*�9�WI�P5�]�Uj; s��4�G\�0BRֿ=bEO�p?n ]�^*~
t9#�T�`| @`'d1s<ɷo�njC�<8 +�An)ɡX�XD�>QkfR{e"��nxR*�gF�ccb~f.VWv��/(0�h_�hCm�$\�auv�@Ώ.c绛I쀔4�}ڽK�h�-�6z_5ރ6�
�`i8~{H(&}ׇ7{5geUsA0lg~�hy# @4+G~{!\?t.ŗlk~Jw.R ~J`.'!M�upye4)$yu��~|hq\1�6MF�1S5!�g<72l&zA���
�q^9`L\X5c-ͅH'BS�fa�Du0a�R,yy~�nU��2kq� ��
I�ku:=<��
�� c@JA=�o8[Y%$C�(�
�`I/Щ
cA�?OF�rA&zZG�>eg'u3���f�}3Rt4zQr:Po9Kj�}�K_c�Oߗfo4��~�ѶPV=8Y,lrh縕vI��c~:)}AmN9˝�~H�!g�Í7�w j�E5p�XIS"�9oթ-ݱi'>�eax!wl q�%ӝr*f BٸEO[,,m��Ss8S��< �AGJ脚bye5-�e3O5NR�MLC]�OC/��$�;�+B6Tzs �gaM�6mn3gjt.>l6Dr0�@u�\d( `�q��Σ@P�)V�-<(m1a}Xki-�jշʫ؉��OJ>lj9l0��`&(�9+rq�]4_twX�G:Q$�.�sFnt�wÝԎ+^@(NEVp2k�x'��_Y.t0o����89]cΣd�tWcT c塺1!��=kѧ@�Ǣ� �n�
��A] ��j�9G�q,X昆�㻞0]v�Yf����H-@N �FP�=Foq>p]9Qz AC~g}\00;z{w6�|Of0�7+��l9ninmǡ8�
��0�Nt,4P$EUՊZr�,VU�$]d�
O>f�Yt�2�&n_�%3ٌ<�4/�Z2fP:9�G[qe�cF0�[ov�}{�U"O�4v4
]ekw}B%umJ+.{%nw^Zh�r;Tʜ%%դy6/IQ�)"{�"F%{two�%o�14��m*z>�-3�����'Kmh�@�ӏJi0$=۽m�X^p'O-+`��ߍ�.�Ý˄�C�����L�xc�yp�P� 7}Y%
g�Z^�aq:Qmi'5c;9
$I��]]�ek�61|K}w�kB[�e�xLu�9��NS^�>vc"Qb-��c�ގ㶒�mySOnj5YYR1`g�}
tڰR�wffr+p5r���7�-�/CBٳP�)`@ KA��}uQ(J%˓p�y#H�?ob[HQ1T= LFz�vW4E9`0(kx70%(G�#_AΤPN}ܞT*TLxeV�-?/tInHZ ��@x�h|D�$na.�#J�=(e$MSr%�+"Փ|*K�vE@6ߠ`K*~9�=;ölݟJ:h`SEt�Yӑ&ԗnSKbi+|sA#��[RFH�Xҩų`�.|�="R<
cڊɪML��.3<�}�W1E���ȉĎNixiS#7ƲiGIiS6)?M�˵`u���J�B �[>��@ L\�,8I0
6,0
:*ǝ.�gZa���@rq �!:A @ �R�GXocsZ[IMRTI6eOYgS邎uO� p��4Y7;�_؛I4Q&5Xs�k*l"͕K-��maOͬf|O(Wk�/q�f~îH%ea=�SE:;X]3':m?a@$�˶���C8�`HM�ĦG0L�lEX7los[R�1�$ƮF�Q컸cccc;&�&~c2W`I7>M6c3L![�NkK.0ta �Jܼ
-z@D�v�1�HC"�9gд3>�5"BlE67�%
iC̝R�NN@<�`�o0(HK2`�CR`^1lM}��4}cC~)$+�dM �_fW�bXL�!ܬކ�G8艎MgL
>~�{�B:fW[H(p愳��F�D/�|ee/F�p�ܠ҆�]}IA\He��F#�R)+��$Ma�ɫ�_}2�1Λܤֆcl.9��0xO_*�K@t[��c#E}�V�XF�Fh?컴C��~}}}r�f\nX��"]A(u=Ì&د�Ik�s3Z��*s�.W, �� oJ�.~]i�akܛ۾a=#ӛvgTz�)J5A;8j>ap�DX6,��F��]I|լh2-m|/t[O8a�f5
Pb;
#e`
}f\c�K"�4=}y�/!gc^)aPxt5G{+� 3b0b\�D0Ip�x1*e5|_7LT�@fhiWQ��_KOzXpk>�(Dt�7@n�Bsg[^!v4��yz���ZV;7
��|
R�ş
!z\5sA�V)\K�@W{MmK ߁Bs:�\��(+�cݕY7^
*'-�l� ۩q,fER�o�Z!��ߤ�LFm_m�ay�^�'`j$/�*귵�O�]H6b5�>pb�lCW�؆_�?��
JRˬ�+2"EI3�Ʊ)�;{
`4cT2,,-i:df[9�����y�Iv|wouv1U�ASp\|@QׂuҞ_F� G>-I�vN *2��뿓$}�h�1n92K,�C &Hm�9( ŜC=t-Nuwن&h
H^)TFʼn�ܳExȾS�`܀�*ZWIY1s/�| ��ϞaEfT�nCn$pK4+uɁEO�/
:â=$Lc{4�3\0k�`��꤯�7v6F9L]bK&�QX#x7Q�ws�hSTC�䉯]lH&o��{.��GM!ql�6�x�t�$�4ē{W.~G�{�bDݵg���⫫Z�-#Tc䏹B/o�Wt.H�e
_M!�AaQ�D0얎�aq���B6��W�}�DDqP�vCQz@Ym�ӶxnUĠ�AɌ��B<6w�ĸW\ϓmI�H�ke\K� ,�E�\b֪��Y�"�'"�KIE�/,]Q|�U�~4�.
dRCd;���^Rlqn/�%ɋڜ93�͒Eˉ.[tE�Sc%5R)r~Az)ZbYE-c
2^X!tOHkxk<�vlNz� ԣ:BMųŗ%TU"j>�]b\i
z|ems|oIM13bmC��y�m�+=u`m;�b�9k�+mLtT8Ow|
ev��)"Ud֝eؓ�RcǢ-*);,Ou,5;�"�#�x[�x6_f���~"�R!gI�] ��0>L3��l��X/ժsZ��E=4�8EG-�:ᛒWZ-�F��d�>��QhTJӑu
3̰�>m;A=~5xLLRO����f\�NL�_s�_�߰�,VI�m{d7�2[��yꊍBL��S��;7"�p�7,��9'yo_*z(4�l8�Ԙ8@� CRO⺢�
2�wCE�2&.V��!�̆\oX|J7�b7��|$rkIC9�1�ח=e_)a�#s~�!��g��L-Ɲ
D
ô"c�)41GJ["1}s?��uǤ')�45aBx l��d
�D�ps1|wJp��bZ�Ř!�&"��c36#|-�[H�Jl/~ڋ�EO��c�Z|E"�{X#&�3)-�+y6@���} (b��U��
7�OT�,5���!�'&z)%n67p>9�(٘kJÉ��� :la`t��.t?�Oðq?]��1 Ln
1{�YG7`C[�5E�Y|ob�L,`A~zBj�@̐0�($Ѕ:x,@#!��9ω�K+0c
7VúޛXF #}�Aa�P8�Z
��+z+uT'I]W@)9CȮ�KTU�|.A@Z`yݬf/��ǯۛiJd�R
��?h�$@F쌆=xɾx� t0 �c3brOtvY(ZWWiuMz�zם~{I�<߄m-[4z?V9|>^}>\;}��2d&SR�o4e�š_lꌹ6�Wc\sxYx>+ah,Ώ6Woã(PJTٌ/!j�b\ũ2M�?z�[''^O˧VRk!??gg:^Z�9v�.6ciq`1D4
5N�M�o���
)n}>eЌLjV}Qu�xS3S+S~
ˏ[.wsʑO�'c(?^]~
9͡���Wu
ͳI9)ureN9{ϽPyu9?ρ�]"g|.��/�E�|E�}/>�9�/r��ϋ�D��)?@?r/"�2g|/A~.s�2gnN9�_?r
yY?W�^�=�_�>'(W�}�S�n&�&oonr/=IR<��9k]T�(Rh�K
"�S^9,.Os'{'sg#�q$��]a芫-5n+
ǤZuv��^_@�%KH0e^ڛL:�GP�/<,Y}Mʱ�4rk 7�[y�DYII{2}tE��i>r�i;GLwe<-7cENz).~QFxd\$h{U2�6#�{"�Գ1�O %Y!ܻ�GzʉnS'��\2fA�<�'ԎsnOAr^Ew�MwN[0�/:)7.p{Zӛ�ڎwڝGfzuieDd;�w6�K췡^ţu.TlCP4l�KeB�ghXc$�fZ���g᜔�9螩z$J
[s�~gc�us`��4H
jYj
~ZV-�~#\kЯa#"2t�>�fDdU:��.�UJ�0�XR����^9�Q(Fuo*K0njE�=u̐g�a���0V�J�!'\C�x'�+�!r2f�dof2E�aSOp^v"�H�@0�~Y8P&`.�3�؞.F^͆$�V�w�� a
Ҭc��6�%`ή�1v�gu̿6г9(p&#ӄ�Y D˼��xl�4@�;4�X�x-�(B:=A�|#�N�.LySz~
;<8��,_bY\0V�Y�fq˭�d<@T6?�rށw
$96[$'�ޛc>sd6�J9=bՇ.^"�8�luy1M<��r*�ŃI`a\m�8��1�q�6`�o���t Ccjd>Mk��+#�P<�,����8q�1eA(e6Lm (~%6,wl3S@Yȅ=y��GgG4WB&�2�Up&�a8Yzt~cD�
Xy�f�˧쭨F��_LNA�c>7q�>+�orA«�U/=�ׇ"�2cT
=�`?EcС�2ESXn�傾]#rF3�/��1#qy]� ЙW8��T"?�zGmÜ�z)JJ)@bފRΥJU�LխVoU��-~a�@ăx!$k�VT���p|"���$7ϒLU"z̴5�w�Dl=�Yz'{io=G}c_V�e�ńK�!8F1d���\*�IxrHIhC>��~�EE�`A�0^|e�D$uЧ�
�FϨn��C��>�Z��e.,s(ŬBSd�<�)O?G[nA5�y`0v`ehD�PL/Tvy*s*>�% ,�1-ixM1�C2~�lx$_Oxª~SQxr='=��g�з��57d�8[|���i�zQ�ڃ`+��Lܺ��}���0uGĦrC�R4mLEpw�R�����K�?93_O�(@P��9�1�"uY^�:y�l.�E{�Ofu�ݎüжRWt�{.��!�Ҷ\)V�cʅ.-S�ܟ?Ba��҃fFH7/�k,^��zX�ջ"P9N]Rlãō5,c-�-<�P8��_A~:?c9VIٶ�7G,cհ�Qa[:�6
V�n
ۊ
U�y˷DM\7'me�#�BP1W)v$ѿ�9V0�|>,�l�p/>:G[
0rczzwY>W'�8K�iR��yE�`Z��(DqU�
�Xâ�WITR6!�;�د�D?8-��ciĬ��;fcXJ
�XF!&?�O80�Ux|�-h\l�};xrmx0#rz�,�ɀ~U´Bd+KWe�++�Ȁ7HY;D,5Ra:(�z��0�
�LMkÐpai�#fS�S/�f� �Ax��
=`#hxb
"���nh1)�d'k%I���'��60���Ä
-"5roq#}e��יJ؍�pK�g8�g!(X^�ZLT��/>%hw2b5���ʧ3�~p��(X��Vt*N�z텋vV?Pv/isTO7uG��?;�&o:ˌRh\*.Ioڝ�g%u��nң��/O@ђ�u',��!ջjt.?+e=;`on��3�g�~�oU��A,jU
z' l5mEgl3��W'J^Rw�z"f/ROa6%s|N1KiK^�ϦO*L���Kq�>lgLp�-�ϱeRZ`l/Z6w�3�0�d(��
|
Network Security & Hardware 
