Apple iOS < 1.1.4 DoS
High Nessus Network Monitor Plugin ID 4425
SynopsisThe remote mobile host is vulnerable to a denial of service (DoS) attack.
DescriptionVersions of Apple iOS prior to 1.1.4 use a vulnerable build of the Apple Webkit prior to 420.1, which is affected by a denial of service vulnerability. This flaw exists because of the way the Safari browser handles memory. Specifically, when all memory has been utilized by the browser, it will attempt to close all inactive documents. In the process of closing these documents, a kernel panic and ensuing crash occurs. An attacker exploiting this flaw would need to be able to entice an iOS user to browse to a malicious web server. Successful exploitation would result in the device crashing.
SolutionUpgrade to iOS version 1.1.4 or higher.