what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 15481

Secunia Security Advisory 15481
Posted Jun 16, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes various vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
SHA-256 | 52f9f27eacf3c057e13de9cc4e131646d970c7314a8d7aa1a5a65faa88e51e30

Secunia Security Advisory 15481

Change Mirror Download


----------------------------------------------------------------------

Bist Du interessiert an einem neuen Job in IT-Sicherheit?


Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/

----------------------------------------------------------------------

TITLE:
Mac OS X Security Update Fixes Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA15481

VERIFY ADVISORY:
http://secunia.com/advisories/15481/

CRITICAL:
Highly critical

IMPACT:
Unknown, Security Bypass, Exposure of system information, Exposure of
sensitive information, Privilege escalation, DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/

DESCRIPTION:
Apple has issued a security update for Mac OS X, which fixes various
vulnerabilities.

1) A boundary error in AFP Server within the support for legacy
clients can be exploited to cause a buffer overflow.

Successful exploitation allows execution of arbitrary code.

2) A bug in AFP Server when using an ACL-enabled storage volume may
in certain situations result in an ACL remaining attached when a file
with POSIX-only permissions is copied.

3) An input validation error can be exploited to access arbitrary
files on a Bluetooth-enabled system using directory traversal attacks
via the Bluetooth file and object exchange services.

4) A weakness in CoreGraphics can be exploited via a specially
crafted PDF document to crash an application using either PDFKit or
CoreGraphics to rendor PDF documents.

5) An error in the CoreGraphics Window Server can be exploited by
console users to gain escalated privileges by launching commands into
a root session.

6) Insecure folder permissions are set on the system's cache folder
and Dashboard system widgets.

7) A race condition in the temporary file creation of launchd can be
exploited by malicious, local users to take ownership of arbitrary
files on the system.

8) An error in LaunchServices can result in file extensions and MIME
types marked as unsafe to bypass download safety checks if they're
not mapped to an Apple UTI (Uniform Type Identifier).

9) A security issue in MCX Client may disclose Portable Home
Directory credentials to local users.

10) A security issue in NFS causes a NFS export restricted using
"-network" and "-mask" to be exported to "everyone".

11) Multiple vulnerabilities in PHP can be exploited by malicious
people to cause a DoS (Denial of Service) and potentially compromise
a vulnerable system.

For more information:
SA14792

12) A boundary error in vpnd can be exploited by malicious, local
users to cause a buffer overflow via an overly long Server_id
parameter and execute arbitrary code with escalated privileges on
systems configured as a VPN server.

SOLUTION:
Apply Security Update 2005-006.

Mac OS X 10.3.9:
http://www.apple.com/support/downloads/securityupdate2005006macosx1039.html

Mac OS X 10.4.1:
http://www.apple.com/support/downloads/securityupdate2005006macosx1041.html

PROVIDED AND/OR DISCOVERED BY:
3) Kevin Finisterre, digitalmunition.com.
4) Chris Evans
6) Michael Haller
7) Neil Archibald
12) Pieter de Boer

ORIGINAL ADVISORY:
Apple:
http://docs.info.apple.com/article.html?artnum=301742

OTHER REFERENCES:
SA14792:
http://secunia.com/advisories/14792/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close