Threat Center Security News DoS hack found in iPhone
DoS hack found in iPhone Print E-mail
Written by Rebecca Mints   
Friday, 22 February 2008 10:06

Mcafee Avert Labs blogger Jimmy Shah recently uncovered an exploit in the Safari browser of the iPhone.  It could lead to the development of a one-step jailbreak for firmware version 1.1.3.

In an attempt to allow the installation of third party applications and custom ringtones, researchers found a way to unlock the file system on the iPhone with the latest firmware (1.1.3.).  By visiting a particular website via the Mobile Safari browser one can use the latest firmware to automatically unlock the iPhone.

The DoS vulnerability can be exploited by visiting the proof of concept page and clicking a button that will launch a warning and the exploit code will run.  A way around this is to disable the Javascript in the Safari setting menu.  Without Javascript enabled any code a hacker might write would not run automatically thus rendering the attack worthless.  Unfortunately certain web applications would not be accessable if the Javascript is disabled.

 

References:

iPhone DoS vulnerability exposed; possible 1.1.3 jailbreak option 

Apple iPhone DoS Vulnerability Exposed

 

 

 

WTW Threat Level