Secunia

Apple has issued security updates for Mac OS X. These fix several vulnerabilities, which can be exploited by malicious people to perform a variety of attacks.

The AppleFileServer contains an unspecified vulnerability when handling malformed requests.

An error in the handling of malformed ASN.1 sequences can be exploited to cause a DoS (Denial of Service).

A boundary error in "cd9660.util" can potentially be exploited by malicious, local users to escalate their privileges.

For more information:
SA10440

Insecure default settings when handling DHCP packets can potentially be exploited by malicious people to compromise a user's system.

For more information:
SA10295

An error in fetchmail when handling long lines can be exploited to cause a DoS.

For more information:
SA10025

An unspecified vulnerability in the tool "fs_usage" can be exploited by malicious, local users to escalate their privileges.

An integer overflow in rsync can potentially be exploited by malicious people to compromise a vulnerable system.

For more information:
SA10353

A security issue in the Screen Saver can be exploited to perform some actions for a limited period of time on the desktop and applications when the login window is present.

During the system initialisation process, a malicious, local user can get a root shell by pressing the "Ctrl" and "C" keys on a USB keyboard for an extended period of time.

Solution
Apply Security Update 2003-12-19.
Further details available in Customer Area

Provided and/or discovered by
Apple credits the discovery of some vulnerabilities to:

William A. Carrel, Benjamin Kelly, and Dave G.

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area