Re: Apple pentesting

From: Thomas Stromberg (tstrombe@indiana.edu)
Date: Tue Apr 05 2005 - 15:51:36 EDT

• Next message: Thomas Hardly: "Re: Apple pentesting"
• Previous message: Altheide, Cory B. (IARC): "RE: Apple pentesting"
• In reply to: Todd Towles: "RE: Apple pentesting"
• Next in thread: Thomas Hardly: "Re: Apple pentesting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Todd Towles wrote:
> Nessus does work against Macs, the problem with testing Macs is they
> never released vulnerability statements..never. If a hole is found,
> Apple releases a patch and no ones says anything. If Microsoft did
> this..everyone would go crazy.

See http://docs.info.apple.com/article.html?artnum=61798

You will find a list of what components each patch affects, along with
the CVE ID. Heck, they even give credit to the discoverers of each
exploit. While I can't say for sure that they have never snuck patches
in for unrelated issues, I've found it a worthwhile resource.

-- 
//  Thomas Stromberg, 812.855.8450
//  UNIX Coordinator, Chemistry IT Group
//  Indiana University Bloomington

• Next message: Thomas Hardly: "Re: Apple pentesting"
• Previous message: Altheide, Cory B. (IARC): "RE: Apple pentesting"
• In reply to: Todd Towles: "RE: Apple pentesting"
• Next in thread: Thomas Hardly: "Re: Apple pentesting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:19 EDT