13) An error in lukemftpd can be exploited by malicious users to bypass chroot restrictions. To restrict users to their home directory, both their full name and short name must be listed in the "/etc/ftpchroot" file. However, users can change their full name and thereby bypass this restriction.
14) A boundary error in the Netinfo Setup Tool (NeST) when processing input passed to the "-target" command line parameter can be exploited by malicious, local users to cause a buffer overflow and execute arbitrary code with escalated privileges on a vulnerable system.
15) When enabling the HTTP proxy service in Server Admin, it is by default possible for everyone (including users on the Internet) to use the proxy service.
16) A vulnerability in the environment clearing in sudo can be exploited by malicious, local users to gain escalated privileges.
17) An error in the Terminal utility can be exploited to inject data via malicious input containing escape sequences in window titles.
18) An error in the Terminal utility can be exploited to inject commands into a user's Terminal session via malicious input containing escape characters in x-man-path URIs.
19) A boundary error in vpnd can be exploited by malicious, local users to cause a buffer overflow via an overly long Server_id parameter and execute arbitrary code with escalated privileges on systems configured as a VPN server.
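As an added example for item 17 (not part of the advisory and not Apple's fix): a filter that removes terminal escape sequences from untrusted text before it is displayed, and reports any title-setting sequences it saw. The function names and the sample line are constructed for illustration; it assumes xterm-style OSC 0/1/2 title sequences.

```python
import re

# OSC (Operating System Command): ESC ] <number> ; <text>, ended by BEL or ST (ESC \).
# In xterm-compatible terminals, OSC 0, 1 and 2 set the icon name / window title.
# An unterminated OSC is treated as running to the end of the input.
_OSC = re.compile(r"(?:\x1b\]|\x9d)(\d*);?(.*?)(?:\x07|\x1b\\|\x9c|$)", re.S)
# CSI: ESC [ <parameter bytes> <intermediate bytes> <final byte>.
_CSI = re.compile(r"(?:\x1b\[|\x9b)[0-?]*[ -/]*[@-~]")
# Every other C0/C1 control character except tab (0x09) and newline (0x0a).
_CTRL = re.compile(r"[\x00-\x08\x0b-\x1f\x7f-\x9f]")

TITLE_CODES = ("0", "1", "2")


def find_title_sequences(text):
    """Return the payload of each title-setting OSC sequence in text."""
    return [m.group(2) for m in _OSC.finditer(text) if m.group(1) in TITLE_CODES]


def sanitize(text):
    """Return text that is safe to write to a terminal.

    Complete escape sequences are dropped. Removing one sequence can splice
    its neighbours into a new one, so the last pass rewrites every remaining
    control character as visible \\xNN text; nothing the terminal would
    interpret survives, whatever the earlier passes left behind.
    """
    text = _OSC.sub("", text)
    text = _CSI.sub("", text)
    return _CTRL.sub(lambda m: "\\x%02x" % ord(m.group()), text)


# Constructed sample: a log line carrying an embedded title-setting sequence.
SAMPLE = "GET /index.html \x1b]2;constructed title\x07 200\n"

if __name__ == "__main__":
    for payload in find_title_sequences(SAMPLE):
        print("title sequence found:", repr(payload))
    print(sanitize(SAMPLE), end="")
```
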
Provided and/or discovered by:
1) JxT
3) Henrik Dalgaard
4) David Remahl
5) Kevin Finisterre, digitalmunition.com.
6) Kevin Finisterre, digitalmunition.com.
10) David Remahl
13) Rob Griffiths
17) David Remahl
18) David Remahl
19) Jason Aras and Pieter de Boer
Original Advisory: Apple:
Subject: Mac OS X Security Update Fixes Multiple Vulnerabilities