SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   KisMAC Vendors:   binaervarianz.de
KisMAC Wireless Protocol Stumbler Installation Bug May Overwrite File Permissions
SecurityTracker Alert ID:  1005764
SecurityTracker URL:  http://securitytracker.com/id/1005764
CVE Reference:   CVE-2002-2242   (Links to External Site)
Updated:  Jun 8 2008
Original Entry Date:  Dec 5 2002
Impact:   Modification of system information
Vendor Confirmed:  Yes  
Version(s): 0.02a and prior versions
Description:   A vulnerability was reported in the KisMAC wireless protocol stumbler for Mac OS X. The installation software may overwrite file permissions to be unsafe permissions.

According to the vendor's web site, the Apple Package Manager for KisMAC overwrites file permissions after each installation. The specific nature of the permission changes was not disclosed.

The vendor credits Norbert Rittel with reporting this vulnerbility.

Impact:   The installation software may overwrite certain file permissions after installation.
Solution:   Users that installed KisMAC 0.02a or earlier are advised to fix the permissions by using Apple's Disk Utility. The Disk First Aid tool reportedly offers an option to repair disk permissions.
Vendor URL:  www.binaervarianz.de/projekte/programmieren/kismac/ (Links to External Site)
Cause:   Access control error
Underlying OS:  UNIX (macOS/OS X)
Underlying OS Comments:  OS X 10.2

Message History:   None.


 Source Message Contents

Subject:  KisMAC vulnerability


http://www.binaervarianz.de/projekte/programmieren/kismac/

The vendor of KisMAC, a wireless WEP stumbler for MacOS X, reports that there is a
security flaw in KisMAC 0.02a or prior versions.

According to the vendor's web site, the Apple Package Manager overwrites file permissions
after each installation. 

Users that installed KisMAC 0.02a or earlier are advised to fix the permissions by using
Apple's Disk Utility.  The Disk First Aid tool reportedly offers an option to repair disk
permissions. 

The vendor credits Norbert Rittel with reporting this vulnerbility.



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC