|
Mac OS X Security Update Fixes Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA12491
|
|
|
Release Date:
|
2004-09-08
|
|
Last Update:
|
2004-10-14
|
|
Popularity:
|
16,412 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Manipulation of data
Exposure of system information
Exposure of sensitive information
Privilege escalation
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Apple Macintosh OS X
|
|
| Software: | Safari 1.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2004-0175
CVE-2004-0183
CVE-2004-0184
CVE-2004-0426
CVE-2004-0488
CVE-2004-0493
CVE-2004-0521
CVE-2004-0523
CVE-2004-0607
CVE-2004-0720
CVE-2004-0794
CVE-2004-0821
CVE-2004-0822
CVE-2004-0823
CVE-2004-0824
CVE-2004-0825
|
|
Description:
Apple has issued a security update for Mac OS X, which fixes various vulnerabilities.
1) Two vulnerabilities in mod_ssl and apache can potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
For more information:
SA11534
SA11956
These vulnerabilities affect Server versions only.
2) A vulnerability within the CoreFoundation may result in a privileged program loading a user supplied library. The problem is reportedly that bundles using the CFPlugIn facilities can include directions to automatically load plugin executables.
Successful exploitation allows a malicious, local users to gain escalated privileges.
3) A vulnerability within the CoreFoundation can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to a boundary error within the handling of an environment variable. This may cause a buffer overflow and allow execution of arbitrary code with the privileges of a privileged program.
4) A vulnerability in the IPsec implementation can potentially be exploited by malicious people to bypass certain security restrictions.
For more information:
SA11863
5) Vulnerabilities in Kerberos can be exploited by malicious users to compromise a vulnerable system.
For more information:
SA11753
6) Vulnerabilities in lukemftpd can potentially be exploited by malicious users to gain escalated privileges or compromise a vulnerable system.
For more information:
SA12226
7) A vulnerability in OpenLDAP may reportedly allow a crypt password to be used as if it was a plain text password. The vulnerability is caused due to an error within the backwards compatibility with older LDAP implementations, which allows a crypt password to be stored in the "userPassword" attribute.
This vulnerability does not affect version 10.2.8.
8) An older vulnerability in OpenSSH can potentially be exploited by malicious people to overwrite arbitrary files.
The vulnerability is caused due to missing validation in the scp utility when handling filenames. This can be exploited by a malicious SSH server to overwrite an arbitrary file with the privileges of the user via a directory traversal attack.
9) A vulnerability in the PPPDialer can be exploited by malicious, local users to overwrite certain system files.
For more informatio:
SA12157
10) A vulnerability in the QuickTime Streaming Server can be exploited by malicious people to cause a DoS (Denial of Service) via a particular sequence of client operations.
This vulnerability affects Server versions only.
11) A vulnerability in rsync can be exploited by malicious people to write files outside the intended directory.
For more information:
SA11514
12) A vulnerability in Safari can be exploited by malicious people to spoof the content of websites.
For more information:
SA11978
13) Vulnerabilities in SquirrelMail can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
For more information:
SA11685
14) Two vulnerabilities in tcpdump can be exploited by malicious people to cause a DoS (Denial of Service).
For more information:
SA11258
Solution:
Apply Security Update 2004-09-07 v1.1.
Mac OS X 10.3.5:
http://www.apple.com/support/download..._2004-09-07_v_1_1(10_3_5_Client).html
Mac OS X Server 10.3.5:
http://www.apple.com/support/download...2004-09-07_v_1_1_(10_3_5_Server).html
Mac OS X 10.3.4:
http://www.apple.com/support/download..._2004-09-07_v_1_1(10_3_4_Client).html
Mac OS X Server 10.3.4:
http://www.apple.com/support/download...2004-09-07_v_1_1_(10_3_4_Server).html
Mac OS X 10.2.8:
http://www.apple.com/support/download...2004-09-07_v_1_1_(10_2_8_Client).html
Mac OS X Server 10.2.8:
http://www.apple.com/support/download...e_2004-09-07v_1_1(10_2_8_Server).html
Provided and/or discovered by:
2) Kikuchi Masashi
3) Aaron
7) Steve Revilak
Changelog:
2004-09-10: Added links to US-CERT vulnerability notes.
2004-09-14: Added link to US-CERT vulnerability note.
2004-09-15: Apple issues version 1.1 of the update to correct some errors.
2004-10-14: Updated links to prior advisories.
Other References:
SA11258:
http://secunia.com/advisories/11258/
SA11514:
http://secunia.com/advisories/11514/
SA11534:
http://secunia.com/advisories/11534/
SA11685:
http://secunia.com/advisories/11685/
SA11753:
http://secunia.com/advisories/11753/
SA11863:
http://secunia.com/advisories/11863/
SA11956:
http://secunia.com/advisories/11956/
SA11978:
http://secunia.com/advisories/11978/
SA12157:
http://secunia.com/advisories/12157/
SA12226:
http://secunia.com/advisories/12226/
US-CERT VU#545446:
http://www.kb.cert.org/vuls/id/545446
US-CERT VU#704110:
http://www.kb.cert.org/vuls/id/704110
US-CERT VU#914870:
http://www.kb.cert.org/vuls/id/914870
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
