what you don't know can hurt you

Apple Security Advisory 2012-08-20-1

Apple Security Advisory 2012-08-20-1
Posted Aug 20, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-08-20-1 - Apple Remote Desktop 3.6.1 is now available and addresses a failed encrypted connection that may result in an information disclosure vulnerability.

tags | advisory, remote, info disclosure
systems | apple
advisories | CVE-2012-0681
MD5 | 030da124f48598fbe36c590572e0ce19

Apple Security Advisory 2012-08-20-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2012-08-20-1 Apple Remote Desktop 3.6.1

Apple Remote Desktop 3.6.1 is now available and addresses the
following:

Apple Remote Desktop
Available for: Apple Remote Desktop 3.0 or later
Impact: Connecting to a third-party VNC server with "Encrypt all
network data" set may lead to information disclosure
Description: When connecting to a third-party VNC server with
"Encrypt all network data" set, data is not encrypted and no warning
is produced. This issue is addressed by creating an SSH tunnel for
the VNC connection in this configuration, and preventing the
connection if the SSH tunnel cannot be created. This issue does not
affect Apple Remote Desktop 3.5.1 and earlier.
CVE-ID
CVE-2012-0681 : Mark S. C. Smith studying at Central Connecticut
State University

Apple Remote Desktop 3.6.1 may be obtained from Mac App Store,
the Software Update pane in System Preferences, or Apple's Software
Downloads web site: http://www.apple.com/support/downloads/

The download file is named: "RemoteDesktopAdmin361.dmg"
Its SHA-1 digest is: dd41bab369c7905e79ff3b3adea97904f55d9759

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJQMqP5AAoJEPefwLHPlZEwUy8P/3qgEUoJz4NnnJgeyo+3z7Wl
a2/b5yPx5ptTcZiGandRMlrDftbwbOkpwCwJrqIv4czXL5T1J08cxUAW0rN2PzWG
KXCkjYQMRBVQoQftrL8wqNCJW3pPMTz0CGfoPXt2g7cR+9YVFyIwa2PLCVfKOgds
Y8kqlNJXgYwvJC22I3IDRvohsTJi4PYfZnRad3rd97J2nMTNTtYBC7x3MSWXd+z1
dVEV9eBDzK1eovf6n1YrVPLapWOA3+4ssYVGZ+/J9JjfW0RnhXSFZ9Yxnq/j8Zoy
CbQKZ903ncWF/DbliIkGYByO+4Hol2g0ZnFqTeO7d4Dsnf9+AVHqEB1dJJmR6qK/
4TgNVP4IUDpJjemVPFwYI5tFuzsXsjv6MvrLQR1wnFme1691Lc6DOekda8ZWfiRU
taJlCBay9BuuoAtP7jG0T5ZU8nZLUGTCFY2ubs2IM9OBJr1MD7SYuODMwJeivVsv
Ut6jBCGUoo2bBlJpOoCYUnCSpk7OW368WYUHD0LsnqmUkaTtGgQiJuSOs1N9/3wy
4aEvaLak0xsquzDn7SE70lrNPBRBc4/Rliv9jXRSA+xwsK5Rqtji/LHRtWibaOHd
wI5Zyq8/7JtaUWrCrwhAbyUFd3lr7hZFFDERLgpQJkIn6cmS+O6FWi7835vkURIO
n8Cd6teIejPCfMpyd9pf
=PSaI
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close