Researchers have detected a critical vulnerability in the Safari browser of Apple's iPhone version 1.1.4 which could lead to a denial of service exploit that could result in an entire system crash.
Security experts say that the design flaw, which was detected by researchers at application delivery solutions company Radware earlier this week, triggers a series of memory allocation operations on the memory pool, which in turn triggers another bug in the garbage collector.
In order to exploit the vulnerability, a user would have to open a malicious HTML page containing javascript, usually through some kind of social engineering tactic such as phishing e-mail. Researchers said that in a worst case scenario, the user will experience an application level denial of service attack that could result in a complete crash of the Safari browser. The crashed browser could ultimately escalate the malfunction to the point of paralyzing the entire iPhone appliance.
Researchers at Radware said that every time the iPhone crashes, it creates a log file dump, resulting in a situation where the entire memory of the device is consumed. Because iTunes, the official interface of the iPhone/iPod, does not allow file system navigation, most users won't be able to fix it by themselves, said Radware.
"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kitler, Radware security operation center manager, in a written statement. "Hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products."
So far, the vulnerability is only in the proof-of-concept stage, and has not yet been exploited in the wild. However, that will likely change as the iPhone becomes more popular and marketshare increases, experts say.
"Though it looks like a nuisance, the fact is that a more sophisticated hacker could use iPhone vulnerabilities to shut services down or install malware," said Ron Meyran, product marketing manager for Radware, via e-mail from Israel. "iPhone is about user mobility, which in turn exposes users to attacks and bypasses the security perimeter deployed by enterprises."
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
