iOS 6 Fixes SMS Security Flaws Found By Pod2g

Posted September 20, 2012 at 6:48am by iClarified | Please help us and submit a translation by clicking here | 11461 views

Apple has fixed both iOS SMS security flaws found by pod2g with the release of iOS 6, reports the hacker.

"Apple has fixed both SMS issues I found in iOS 6. Good job and thanks to them," tweeted pod2g.

-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may appear to have been sent by an arbitrary user
● Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address.
● CVE-ID - CVE-2012-3744 : pod2g
-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may disrupt cellular connectivity
● Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking.
● CVE-ID - CVE-2012-3745 : pod2g
-----

You can read the full list of security updates in iOS 6 here.


Share
Add Comment
Follow iClarified