Motherboard Forums


Reply
Thread Tools Display Modes

Security update 2008-2

 
 
Michelle Steiner
Guest
Posts: n/a
 
      03-19-2008, 12:19 AM
This document describes Security Update 2008-002, which can be
downloaded and installed via Software Update preferences, or from Apple
Downloads.
For the protection of our customers, Apple does not disclose, discuss,
or confirm security issues until a full investigation has occurred and
any necessary patches or releases are available. To learn more about
Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see "How to
use the Apple Product Security PGP Key."
Where possible, CVE IDs are used to reference the vulnerabilities for
further information.
To learn about other Security Updates, see "Apple Security Updates."
Security Update 2008-002
? AFP Client
CVE-ID: CVE-2008-0044
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: Accessing a maliciously crafted afp:// URL may lead to an
application termination or arbitrary code execution
Description: Multiple stack buffer overflow issues exist in AFP Client's
handling of afp:// URLs. By enticing a user to connect to a malicious
AFP Server, an attacker may cause an unexpected application termination
or arbitrary code execution. This update addresses the issues through
improved bounds checking.
? AFP Server
CVE-ID: CVE-2008-0045
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Cross-realm authentication with AFP Server may be bypassed
Description: An implementation issue exists in AFP Server's check of
Kerberos principal realm names. This may allow unauthorized connections
to the server, when cross-realm authentication with AFP Server is used.
This update addresses the issue by through improved checks of Kerberos
principal realm names. This issue does not affect systems running Mac OS
X v10.5 or later. Credit to Ragnar Sundblad of KTH - Royal Institute of
Technology, Stockholm, Sweden for reporting this issue.
? Apache
CVE-ID: CVE-2005-3352, CVE-2006-3747, CVE-2007-3847, CVE-2007-5000,
CVE-2007-6388
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
Server v10.5.2
Impact: Multiple vulnerabilities in Apache 1.3.33 and 1.3.39
Description: Apache is updated to version 1.3.41 to address several
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the Apache web site at
http://httpd.apache.org For Mac OS X v10.5, Apache version 1.3.x is only
shipped on Server configurations. mod_ssl is also updated from version
2.8.24 to 2.8.31 to match the upgraded Apache; no security fixes are
included in the update.
? Apache
CVE-ID: CVE-2007-5000, CVE-2007-6203, CVE-2007-6388, CVE-2007-6421,
CVE-2008-0005
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in Apache 2.2.6
Description: Apache is updated to version 2.2.8 to address several
vulnerabilities, the most serious of which may lead to cross-site
scripting. Further information is available via the Apache web site at
http://httpd.apache.org
? AppKit
CVE-ID: CVE-2008-0048
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Usage of the NSDocument API to may lead to arbitrary code
execution
Description: A stack buffer overflow exists in the NSDocument API's
handling of file names. On most file systems, this issue is not
exploitable. This update addresses the issue through improved bounds
checking. This issue does not affect systems running Mac OS X v10.5 or
later.
? AppKit
CVE-ID: CVE-2008-0049
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A local user may be able to execute arbitrary code with system
privileges
Description: A mach port in NSApplication intended for inter-thread
synchronization is unintentionally available for inter-process
communication. By sending maliciously crafted messages to privileged
applications in the same bootstrap namespace, a local user may cause
arbitrary code execution with the privileges of the target application.
This update addresses the issue by removing the mach port in question
and using another method to synchronize. This issue does not affect
systems running Mac OS X v10.5 or later.
? AppKit
CVE-ID: CVE-2008-0057
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple integer overflow vulnerabilities exist in the
parser for a legacy serialization format. By causing a maliciously
formatted serialized property list to be parsed, an attacker could
trigger a heap-based buffer overflow which may lead to arbitrary code
execution. This update addresses the issue by performing additional
validation of serialized input. This issue does not affect systems
running Mac OS X v10.5 or later.
? AppKit
CVE-ID: CVE-2008-0997
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Querying a network printer may cause an unexpected application
termination or arbitrary code execution
Description: A stack based buffer overflow exists in AppKit's handling
of PPD files. By enticing a user to query a network printer, an attacker
may cause an unexpected application termination or arbitrary code
execution. This update addresses the issue through improved handling of
PPD files. This issue does not affect systems running Mac OS X v10.5 or
later.
? Application Firewall
CVE-ID: CVE-2008-0046
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: The German translation of the Application Firewall preference
pane was misleading
Description: The "Set access for specific services and applications"
radio button of the Application Firewall preference pane was translated
into German as "Zugriff auf bestimmte Dienste und Programme festlegen",
which is "Set access to specific services and applications". This might
lead a user to believe that the listed services were the only ones that
would be permitted to accept incoming connections. This update addresses
the issue by changing the German text to semantically match the English
text. This issue does not affect systems prior to Mac OS X v10.5.
? CFNetwork
CVE-ID: CVE-2008-0050
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A malicious proxy server may spoof secure websites
Description: A malicious HTTPS proxy server may return arbitrary data to
CFNetwork in a 502 Bad Gateway error. A malicious proxy server could use
this to spoof secure websites. This update addresses the issue by
returning an error on any proxy error, instead of returning the
proxy-supplied data. This issue is already addressed in systems running
Mac OS X v10.5.2.
? ClamAV
CVE-ID: CVE-2007-3725, CVE-2007-4510, CVE-2007-4560, CVE-2007-5759,
CVE-2007-6335, CVE-2007-6336, CVE-2007-6337, CVE-2008-0318, CVE-2008-0728
Available for: Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in ClamAV 0.90.3
Description: Multiple vulnerabilities exist in ClamAV 0.90.3 provided
with Mac OS X Server v10.5 systems, the most serious of which may lead
to arbitrary code execution. This update addresses the issue by updating
to ClamAV 0.92.1. Further information is available via the ClamAV
website at www.clamav.net
? ClamAV
CVE-ID: CVE-2006-6481, CVE-2007-1745, CVE-2007-1997, CVE-2007-3725,
CVE-2007-4510, CVE-2007-4560, CVE-2007-0897, CVE-2007-0898,
CVE-2008-0318, CVE-2008-0728
Available for: Mac OS X Server v10.4.11
Impact: Multiple vulnerabilities in ClamAV 0.88.5
Description: Multiple vulnerabilities exist in ClamAV 0.88.5 provided
with Mac OS X Server v10.4.11, the most serious of which may lead to
arbitrary code execution. This update addresses the issue by updating to
ClamAV 0.92.1. Further information is available via the ClamAV website
at www.clamav.net
? CoreFoundation
CVE-ID: CVE-2008-0051
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A local user may be able to execute arbitrary code with system
privileges
Description: An integer overflow exists in CoreFoundation's handling of
time zone data. This may allow a local user to cause arbitrary code
execution with system privileges. This update addresses the issue
through improved bounds checking on time zone data files. This issue
does not affect systems running Mac OS X v10.5 or later.
? CoreServices
CVE-ID: CVE-2008-0052
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Visiting a website could cause files to be opened in AppleWorks
Description: Files with names ending in ".ief" can be automatically
opened in AppleWorks if Safari's "Open 'Safe' files" preference is
enabled. This is not the intended behavior and could lead to security
policy violations. This update addresses the issue by removing ".ief"
from the list of safe file types. This issue only affects systems prior
to Mac OS X v10.5 with AppleWorks installed.
? CUPS
CVE-ID: CVE-2008-0596
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A remote attacker may be able to cause an unexpected application
termination if printer sharing is enabled
Description: A memory leak exists in CUPS. By sending a large number of
requests to add and remove shared printers, an attacker may be able to
cause a denial of service. This issue can not result in arbitrary code
execution. This update addresses the issue through improved memory
management. This issue does not affect systems prior to Mac OS X v10.5.
? CUPS
CVE-ID: CVE-2008-0047
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: A remote attacker may be able to cause an unexpected application
termination or arbitrary code execution if printer sharing is enabled
Description: A heap buffer overflow exists in the CUPS interface's
processing of search expressions. If printer sharing is enabled, a
remote attacker may be able to cause an unexpected application
termination or arbitrary code execution with system privileges. If
printer sharing is not enabled, a local user may be able to gain system
privileges. This update addresses the issue by performing additional
bounds checking. This issue does not affect systems prior to Mac OS X
v10.5. Credit to regenrecht working with the VeriSign iDefense VCP for
reporting this issue.
? CUPS
CVE-ID: CVE-2008-0053, CVE-2008-0882
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in CUPS may lead to an unexpected
application termination or arbitrary code execution with system
privileges
Description: Multiple input validation issues exist in CUPS, the most
serious of which may lead to arbitrary code execution with system
privileges. This update addresses the issues by updating to CUPS 1.3.6.
These issues do not affect systems prior to Mac OS X v10.5.
? curl
CVE-ID: CVE-2005-4077
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Running curl with a maliciously crafted URL may lead to an
unexpected application termination or arbitrary code execution
Description: A one byte buffer overflow exists in curl 7.13.1. By
enticing a user to run curl with a maliciously crafted URL, an attacker
may cause an unexpected application termination or arbitrary code
execution. This update addresses the issue by updating curl to version
7.16.3. Crash Reporter was updated to match the curl changes. This issue
does not affect systems running Mac OS X v10.5 or later.
? Emacs
CVE-ID: CVE-2007-6109
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: Format string vulnerability in Emacs Lisp may lead to an
unexpected application termination or possibly arbitrary code execution
Description: A stack buffer overflow exists in Emacs' format function.
By exploiting vulnerable Emacs Lisp which allows an attacker to provide
a format string containing a large precision value, an attacker may
cause an unexpected application termination or possibly arbitrary code
execution. Further information on the patch applied is available via the
Savannah Emacs website at
http://cvs.savannah.gnu.org/viewvc/e...c?r1=1.439.2.3
&r2=1.439.2.9&view=patch
? Emacs
CVE-ID: CVE-2007-5795
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Safe mode checks in Emacs may be bypassed
Description: A logic error in Emacs' hack-local-variable function allows
any local variable to be set, even if `enable-local-variables' is set to
:safe. By enticing a user to load a file containing a maliciously
crafted local variables declaration, a local user may cause an
unauthorized modification of Emacs Lisp variables leading to arbitrary
code execution. This issue has been fixed through improved :safe mode
checks. The patch applied is available via the Savannah Emacs website at
http://cvs.savannah.gnu.org/viewvc/e....937&r2=1.938&
sortby=date&root=emacs&view=patch This issue does not affect systems
prior to Mac OS X v10.5.
? file
CVE-ID: CVE-2007-2799
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Running the file command on a maliciously crafted file may lead
to an unexpected application termination or arbitrary code execution
Description: An integer overflow vulnerability exists in the file
command line tool, which may lead to an unexpected application
termination or arbitrary code execution. This update addresses the issue
through improved bounds checking. This issue does not affect systems
running Mac OS X v10.5 or later. Credit to Colin Percival of the FreeBSD
security team for reporting this issue.
? Foundation
CVE-ID: CVE-2008-0054
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Usage of the NSSelectorFromString API may result in an
unexpected method being called
Description: An input validation issue exists in the
NSSelectorFromString API. Passing it a malformed selector name may
result in the return of an unexpected selector, which could lead to an
unexpected application termination or arbitrary code execution. This
update addresses the issue by performing additional validation on the
selector name. This issue does not affect systems running Mac OS X v10.5
or later.
? Foundation
CVE-ID: CVE-2008-0055
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A local user can interfere in other users' file operations and
may be able to obtain elevated privileges
Description: When performing a recursive file copying operation,
NSFileManager creates directories as world-writable, and only later
restricts the permissions. This creates a race condition during which a
local user can manipulate the directory and interfere in subsequent
operations. This may lead to a privilege escalation to that of the
application using t he API. This update addresses the issue by creating
directories with restrictive permissions. This issue does not affect
systems running Mac OS X v10.5 or later.
? Foundation
CVE-ID: CVE-2008-0056
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Programs using the NSFileManager API could be manipulated to
execute arbitrary code
Description: A long pathname with an unexpected structure can expose a
stack buffer overflow vulnerability in NSFileManager. Presenting a
specially crafted path to a program using NSFileManager could lead to
the execution of arbitrary code. This update addresses the issue by
ensuring a properly sized destination buffer. This issue does not affect
systems running Mac OS X v10.5 or later.
? Foundation
CVE-ID: CVE-2008-0058
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Visiting a maliciously crafted website may lead to a denial of
service or arbitrary code execution
Description: A thread race condition exists in NSURLConnection's cache
management, which can cause a deallocated object to receive messages.
Triggering this issue may lead to a denial of service, or arbitrary code
execution with the privileges of Safari or another program using
NSURLConnection. This update addresses the issue by removing an
unsynchronized caching operation. This issue does not affect systems
running Mac OS X v10.5 or later. Credit to Daniel Jalkut of Red Sweater
Software for reporting this issue.
? Foundation
CVE-ID: CVE-2008-0059
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Processing an XML document may lead to an unexpected application
termination or arbitrary code execution
Description: A race condition exists in NSXML. By enticing a user to
process an XML file in an application which uses NSXML, an attacker may
cause an unexpected application termination or arbitrary code execution.
This update addresses the issue through improvements to the error
handling logic of NSXML. This issue does not affect systems running Mac
OS X v10.5 or later.
? Help Viewer
CVE-ID: CVE-2008-0060
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: Accessing a maliciously crafted help: URL may lead to arbitrary
Applescript execution
Description: A malicious help:topic_list URL may insert arbitrary HTML
or JavaScript into the generated topic list page, which may redirect to
a Help Viewer help:runscript link that runs Applescript. This update
addresses the issue by performing HTML escaping on the URL data used in
help topic lists before building the generated page. Credit to Brian
Mastenbrook for reporting this issue.
? Image Raw
CVE-ID: CVE-2008-0987
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Viewing a maliciously crafted image may lead to an unexpected
application termination or arbitrary code execution
Description: A stack based buffer overflow exists in the handling of
Adobe Digital Negative (DNG) image files. By enticing a user to open a
maliciously crafted image file, an attacker may cause an unexpected
application termination or arbitrary code execution. This update
addresses the issue through improved validation of DNG image files. This
issue does not affect systems prior to Mac OS X v10.5. Credit to Clint
Ruoho of Laconic Security for reporting this issue.
? Kerberos
CVE-ID: CVE-2007-5901, CVE-2007-5971, CVE-2008-0062, CVE-2008-0063
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in MIT Kerberos 5 may lead to an
unexpected application termination or arbitrary code execution with
system privileges
Description: Multiple memory corruption issues exist in MIT Kerberos 5,
which may lead to an unexpected application termination or arbitrary
code execution with system privileges. Further information on the issues
and the patches applied is available via the MIT Kerberos website at
http://web.mit.edu/Kerberos/ CVE-2008-0062 and CVE-2008-0063 do not
affect systems running Mac OS X v10.5 or later. CVE-2007-5901 does not
affect systems prior to Mac OS X v10.4.
? libc
CVE-ID: CVE-2008-0988
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Applications that use the strnstr API could be vulnerable to a
denial of service
Description: An off by one issue exists in Libsystem's strnstr(3)
implementation. Applications that use the strnstr API can read one byte
beyond the limit specified by the user, which may lead to an unexpected
application termination. This update addresses the issue through
improved bounds checking. This issue does not affect systems running Mac
OS X v10.5 or later. Credit to Mike Ash of Rogue Amoeba Software for
reporting this issue.
? mDNSResponder
CVE-ID: CVE-2008-0989
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: A local user may be able to execute arbitrary code with system
privileges
Description: A format string issue exists in mDNSResponderHelper. By
setting the local hostname to a maliciously crafted string, a local user
could cause a denial of service or arbitrary code execution with the
privileges of mDNSResponderHelper. This update addresses the issue by
using a static format string. This issue does not affect systems prior
to Mac OS X v10.5.
? notifyd
CVE-ID: CVE-2008-0990
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A local user may be able to deny access to notifications
Description: notifyd accepts Mach port death notifications without
verifying that they come from the kernel. If a local user sends fake
Mach port death notifications to notifyd, applications that use the
notify(3) API to register for notifications may never receive the
notifications. This update addresses the issue by only accepting Mach
port death notifications from the kernel. This issue does not affect
systems running Mac OS X v10.5 or later.
? OpenSSH
CVE-ID: CVE-2007-4752
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: A remote attacker may be able to execute arbitrary code with
elevated privileges
Description: OpenSSH forwards a trusted X11 cookie when it cannot create
an untrusted one. This may allow a remote attacker to gain elevated
privileges. This update addresses the issue by updating OpenSSH to
version 4.7. Further information is available via the OpenSSH website at
http://www.openssh.org/txt/release-4.7
? pax archive utility
CVE-ID: CVE-2008-0992
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Running the pax command on a maliciously crafted archive may
lead to arbitrary code execution
Description: The pax command line tool does not check a length in its
input before using it as an array index, which may lead to an unexpected
application termination or arbitrary code execution. This update
addresses the issue by checking the index. This issue does not affect
systems prior to Mac OS X v10.5.
? PHP
CVE-ID: CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662,
CVE-2007-4766, CVE-2007-4767, CVE-2007-4768, CVE-2007-4887
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in PHP 5.2.4
Description: PHP is updated to version 5.2.5 to address multiple
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP website at
http://www.php.net/ PHP version 5.2.x is only provided with Mac OS X
v10.5 systems.
? PHP
CVE-ID: CVE-2007-3378, CVE-2007-3799
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
Server v10.5.2
Impact: Multiple vulnerabilities in PHP 4.4.7
Description: PHP is updated to version 4.4.8 to address multiple
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP website at
http://www.php.net/
? Podcast Producer
CVE-ID: CVE-2008-0993
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Podcast Capture exposes passwords to other local users
Description: The Podcast Capture application provides passwords to a
subtask through the arguments, potentially exposing the passwords to
other local users. This update corrects the issue by providing passwords
to the subtask through a pipe. This issue does not affect systems prior
to Mac OS X v10.5. Credit to Maximilian Reiss of Chair for Applied
Software Engineering, TUM for reporting this issue.
? Preview
CVE-ID: CVE-2008-0994
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Saving to encrypted PDF in Preview produces files that may be
read without the password
Description: When Preview saves a PDF file with encryption, it uses
40-bit RC4. This encryption algorithm may be broken with significant but
readily available computing power. A person with access to the file may
apply a brute-force technique to view it. This update enhances the
encryption to 128-bit RC4.
? Printing
CVE-ID: CVE-2008-0995
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Printing to encrypted PDF produces files that may be read
without the `open' password
Description: Printing to a PDF file and setting an 'open' password uses
40-bit RC4. This encryption algorithm may be broken with significant but
readily available computing power. A person with access to the file may
apply a brute-force technique to view it. This update enhances the
encryption to 128-bit RC4. This issue does not affect systems prior to
Mac OS X v10.5.
? Printing
CVE-ID: CVE-2008-0996
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Printing to an authenticated print queue may disclose login
credentials
Description: An information disclosure issue exists in the handling of
authenticated print queues. When starting a job on an authenticated
print queue, the credentials used for authentication may be saved to
disk. This update addresses the issue by removing user credentials from
printing presets before saving them to disk. This issue does not affect
systems prior to Mac OS X v10.5.
? System Configuration
CVE-ID: CVE-2008-0998
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: A local user may be able to execute arbitrary code with system
privileges
Description: The privileged tool NetCfgTool uses distributed objects to
communicate with untrusted client programs on the local machine. By
sending a maliciously crafted message, a local user can bypass the
authorization step and may cause arbitrary code execution with the
privileges of the privileged program. This update addresses the issue by
performing additional validation of distributed objects.
? UDF
CVE-ID: CVE-2008-0999
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Opening a maliciously crafted disk image may lead to an
unexpected system shutdown
Description: A null pointer dereference issue exists in the handling of
Universal Disc Format (UDF) file systems. By enticing a user to open a
maliciously crafted disk image, an attacker may cause an unexpected
system shutdown. This update addresses the issue through improved
validation of UDF file systems. This issue does not affect systems prior
to Mac OS X v10.5. Credit to Paul Wagland of Redwood Software, and Wayne
Linder of Iomega for reporting this issue.
? Wiki Server
CVE-ID: CVE-2008-1000
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: A user with access to edit wiki content may be able to execute
arbitrary commands as the wiki server
Description: A path traversal issue exists in the Mac OS X v10.5 Server
Wiki Server. Attackers with access to edit wiki content may upload files
that leverage this issue to place content wherever the wiki server can
write, which may lead to arbitrary code execution with the privileges of
the wiki server. This update addresses the issue through improved file
name handling. This issue does not affect systems prior to Mac OS X
v10.5. Credit to Rodrigo Carvalho, from the Core Security Consulting
Services (CSC) team of CORE Security Technologies.
? X11
CVE-ID: CVE-2007-4568, CVE-2007-4990
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Multiple Vulnerabilities in X11 X Font Server (XFS) 1.0.4
Description: Multiple vulnerabilities exist in X11 X Font Server (XFS)
1.0.4, the most serious of which may lead to arbitrary code execution.
This update addresses the issue by updating to version 1.0.5. Further
information is available via the X.Org website at
http://www.x.org/wiki/Development/Security These issues are already
addressed in systems running Mac OS X v10.5.2.
? X11
CVE-ID: CVE-2006-3334, CVE-2006-5793, CVE-2007-2445, CVE-2007-5266,
CVE-2007-5267, CVE-2007-5268, CVE-2007-5269
Available for: Mac OS X v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in X11's libpng 1.2.8
Description: The PNG reference library (libpng) is updated to version
1.2.24 to address several vulnerabilities, the most serious of which may
lead to a remote denial of service or arbitrary code execution. Further
information is available via the libpng website at
http://www.libpng.org/pub/png/libpng.html This issue affects libpng
within X11. It does not affect systems prior to Mac OS X v10.5.
? X11
CVE-ID: CVE-2007-5958, CVE-2008-0006, CVE-2007-6427, CVE-2007-6428,
CVE-2007-6429
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X
v10.5.2, Mac OS X Server v10.5.2
Impact: Multiple vulnerabilities in the X11 server
Description: Numerous vulnerabilities in the X11 server allow execution
of arbitrary code with the privileges of the user running the X11 server
if the attacker can authenticate to the X11 server. This is a security
vulnerability only if the X11 server is configured to not require
authentication, which Apple does not recommend. This update fixes the
issue by applying the updated X.Org patches. Further information is
available via the X.Org website at
http://www.x.org/wiki/Development/Security

--
Support the troops: Bring them home ASAP.
 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Flashback Security Update and Leopard Security Update Michelle Steiner Apple 3 05-15-2012 11:39 AM
Mac Security: MOSX 10.4.9, Security Update 003, iPhoto 6.0.6 Derek Currie Apple 0 03-13-2007 09:22 PM
Mac Security: Summary of Apple Security Update 2006-007 Derek Currie Apple 7 12-02-2006 03:45 AM
Mac Security: 5 Security Improvements In 10.4.7 Update Derek Currie Apple 0 06-28-2006 11:12 PM
Mac Security: Java Security Update for 10.4.5 Derek Currie Apple 2 04-20-2006 06:56 PM


All times are GMT. The time now is 07:05 AM.


Welcome!
Welcome to Motherboard Point
 

Advertisment