Secunia Reports Mac OS X FTP Vulnerability

by , 12:40 PM EST, December 5th, 2006

The security firm Secunia is reporting that it has uncovered a buffer overflow vulnerability in Mac OS X's ftpd function. The report states that if a system is compromised with this exploit, an attacker could potentially execute arbitrary code on the machine or launch a denial of service attack.

The vulnerability affects Mac OS X 10.3.9 and 10.4.8, but other version of the operating system may be vulnerable, too.

The FTP sharing service built into Mac OS X is disabled by default. If you aren't sure if it is running on your Mac, here's how to check:

This potential exploit assumes that your Mac is visible to other computers on your network, or on the Internet. If you use a properly configured firewall to block your visibility on the Internet, it's unlikely that anyone outside of your local network will be able to find your Mac to attempt an attack.

There are no known reports of this exploit being used.

Digg!