Movida Apple

Todo lo que necesitas saber sobre Apple

Apple acredita al grupo Evad3rs por las vulnerabilidades del Jailbreak del iOS6

| 0 Comentarios

Captura de pantalla 2013-03-20 a la(s) 01.07.42

Apple ha acreditado oficialmente a el grupo de hackers Evad3rs con 4 de las 6 vulnerabilidades corregidas en el nuevo iOS 6.1.3. Recordemos que el grupo Evad3rs fue el encargado de lanzar el tan esperado Jailbreak del iOS 6. El grupo esta conformado por: planetbeing, Pimskeks, pod2g y MuscleNerd.

Estas son las vulnerabilidades acreditadas a dicho grupo:

dyld
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
CVE-ID : CVE-2013-0977 : evad3rs

Kernel
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine the address of structures in the kernel
Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.
CVE-ID : CVE-2013-0978 : evad3rs

Lockdown
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary files
Description: When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.
CVE-ID : CVE-2013-0979 : evad3rs

USB
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code in the kernel
Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.
CVE-ID : CVE-2013-0981 : evad3rs


Pueden acceder a la nota original aqui:

APPLE-SA-2013-03-19-1 iOS 6.1.3

 

Si te gusto este articulo y quieres saber mas, sígueme en Twitter y Facebook:

@iPhoneVeneno

Facebook

Autor: iPhoneVeneno

Todo sobre Apple: iPhone, iPod, iPad, Mac, App Store y Cydia. http://Facebook.com/iPhoneVeneno | http://Instagram.com/iphoneveneno Venezuela #EnvenenaTuiPhone #GRATISxTiempoLimitado

Déjanos tu comentario o pregunta

Visit Us On TwitterVisit Us On FacebookVisit Us On Google Plus