Details of a vulnerability in Mac OS X that creates a mechanism for crackers to take over vulnerable machines has been posted on the Net.
Security researcher William Carrel released details of a vulnerability, and suggested workarounds, in advance of a fix from Apple because of what he sees as the vendor's sluggish response to the problem.
The issue stems from a flaw in Apple's Dynamic Host Configuration Protocol (DHCP) client that means a user can be tricked into logging onto a rogue server. DHCP servers manage the assignment of IP addresses on a network.
If an Apple machine is booted in a hostile environment, this vulnerability means an attacker could load malicious code and take full control of a vulnerable Mac OS X workstation or server.
Exploitation is possible in both wired and wireless environments but by far the greater risk appears to come with WLANs.
The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation and servers. Earlier versions of Mac OS X may also be vulnerable.
Carrel suggests a number of workarounds including preventing any network authorisation services from obtaining settings from DHCP, as explained here.
A fix from Apple is not expected before next month at the earliest. ®