Discuss fw 1.1.1 and the TIFF exploit...still ok to use? at the iPhone "2G" (Rev. 1) - Hackint0sh.org; I read these posts pretty much every day and have been seeing some people suggesting ...
fw 1.1.1 and the TIFF exploit...still ok to use?
I read these posts pretty much every day and have been seeing some people suggesting that apple has shut down the TIFF exploit with the release of a new 1.1.1.ipsw file. Does anyone know what versions still work...IF this is indeed true...I feel like people dont get through to jailbreakme.com and just simply claim the exploit has been closed.
I have iphone1,1_1.1.1_3a109a_Restore.ipsw and would like to upgrade but I cant find out if this version will be TIFF exploitable.
So, can anyone confirm this apparent urban legend? If so, which .ipsw versions should we stay away from and which ones are ok?
Edit update: I have found a previous version of 1.1.1, and its called 3B13, the updated version is called 3A109a. If you used the TIFF exploit, can you please go to Settings, General, About, and then report what is at "Version" (i.e., is it 1.1.1. 3A109a or is it 1.1.1 3B13)? This would be much appreciated. On the Apple web site, it discusses the security updates with 3A109a, one of them regarding Safari and dialing the iPhone:
Impact: Visiting a malicious website may lead to unintended dialing or dialing a different number than expected
Description: Safari supports telephone ("tel:") links to dial phone numbers. When a telephone link is selected, Safari will confirm that the number should be dialed. A maliciously crafted telephone link may cause a different number to be displayed during confirmation than the one actually dialed. Exiting Safari during the confirmation process may result in unintentional confirmation. This update addresses the issue by properly displaying the number that will be dialed, and requiring confirmation for telephone links. Credit to Billy Hoffman and Bryan Sullivan of HP Security Labs (formerly SPI Labs) and Eduardo Tang for reporting this issue."
CVE-ID: CVE-2006-3459, CVE-2006-3461, CVE-2006-3462, CVE-2006-3465
Available for: iPhone v1.0 through v1.1.1, iPod Touch v1.1 and v1.1.1
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description: ImageIO contains a version of libtiff that is vulnerable to multiple buffer overflows. By enticing a user to view a maliciously crafted TIFF image, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issues by performing additional validation of TIFF images. These issues do not affect Mac OS X v10.3.9 systems with Security Update 2006-004, Mac OS X v10.4.7 systems with Security Update 2006-004, or systems running Mac OS X v10.4.8 or later. Credit to Tavis Ormandy, Google Security Team for reporting this issue."
So, I suspect the myth that the TIFF exploit was closed in 1.1.1 is now dead... anyone agree with this?
Last edited by vancity; 11-19-2007 at 07:32 PM.
Reason: updated info
I used 3a109a 1.1.1 ipsw version on my OTB UK iPhone and it worked - tiff exploit wa s unpatched...
OTB UK iPhone 1.1.2
Jailbreaked and activated
bump to the front for a response.
I used 3A109a yesterday and it's fine..
By goudok in forum General
Last Post: 12-08-2007, 02:01 AM
By lighter in forum General
Last Post: 11-13-2007, 07:08 AM
By abtf2 in forum General
Last Post: 11-01-2007, 12:05 AM
By teekay in forum General
Last Post: 10-30-2007, 03:15 PM
By chow7 in forum Free Toolchain Software
Last Post: 10-29-2007, 08:32 PM