Apple has fixed both iOS SMS security flaws found by pod2g with the release of iOS 6, reports the hacker.
"Apple has fixed both SMS issues I found in iOS 6. Good job and thanks to them," tweeted pod2g.
-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may appear to have been sent by an arbitrary user
● Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address.
● CVE-ID - CVE-2012-3744 : pod2g
-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may disrupt cellular connectivity
● Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking.
● CVE-ID - CVE-2012-3745 : pod2g
-----
You can read the full list of security updates in iOS 6 here.
"Apple has fixed both SMS issues I found in iOS 6. Good job and thanks to them," tweeted pod2g.
-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may appear to have been sent by an arbitrary user
● Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address.
● CVE-ID - CVE-2012-3744 : pod2g
-----
Telephony
● Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
● Impact: An SMS message may disrupt cellular connectivity
● Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking.
● CVE-ID - CVE-2012-3745 : pod2g
-----
You can read the full list of security updates in iOS 6 here.