|
Mac OS X Security Update Fixes Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA16449
|
|
|
Release Date:
|
2005-08-16
|
|
Last Update:
|
2005-08-18
|
|
Popularity:
|
22,912 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Manipulation of data
Exposure of sensitive information
Privilege escalation
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Apple Macintosh OS X
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Apple has issued a security update for Mac OS X, which fixes more than 40 vulnerabilities.
1) A boundary error in htdigest can be exploited to cause a buffer overflow by passing an overly long realm argument.
NOTE: htdigest is by default only locally accessible and not setuid / setgid.
2) Two vulnerabilities in Apache 2 can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
For more information:
SA12787
SA13045
3) A security issue in Apache 2 results in access to ".DS_Store" files and files starting with ".ht" not being fully blocked. The problem is that the Apache configuration blocks access in a case sensitive way, but the Apple HFS+ filesystem performs file access in a case insensitive way.
4) A security issue in Apache 2 makes it possible to bypass the normal Apache file handlers and retrieve file data and resource fork content via HTTP. The problem is that the Apple HFS+ filesystem permits files to have multiple data streams.
NOTE: This issue may also affect other products installed on the HFS+ filesystem.
5) A boundary error in the AppKit component can be exploited to cause a buffer overflow and execute arbitrary code on a user's system when a specially crafted rich text file is opened.
6) A boundary error in the AppKit component can be exploited to cause a buffer overflow and execute arbitrary code on a user's system when a specially crafted Microsoft Word .doc file is opened in e.g. TextEdit.
7) An error in the AppKit component allows malicious, local users with physical access to create additional local accounts.
8) A bug in the System Profiler causes it to display misleading information about whether or not a Bluetooth device requires authentication.
9) A boundary error in the CoreFoundation framework when processing command line arguments can be exploited to cause a buffer overflow and execute arbitrary code.
10) An error in the CoreFoundation framework when parsing Gregorian date information can cause applications to stall.
11) Errors in the CUPS printing service can cause it to stop printing when handling multiple, simultaneous print jobs.
12) A boundary error in Directory Services during the authentication handling can be exploited to cause a buffer overflow and execute arbitrary code.
13) Various errors in the privileged tool dsidentity can be exploited by unprivileged users to add or remove identity user accounts in Directory Services.
14) The slpd program in Directory Services creates temporary files insecurely. This can be exploited via symlink attacks to overwrite arbitrary files with root privileges.
15) An error in Hltoolbox may allow VoiceOver services to read contents from secure input fields.
16) An error in Kerberos can potentially be exploited by malicious users to compromise a vulnerable system.
For more information:
SA13592
17) Multiple boundary errors in Kerberos can be exploited by malicious people to cause a DoS or potentially compromise a vulnerable system.
For more information:
SA16041
18) An error in Kerberos when Kerberos authentication is enabled in addition to LDAP can be exploited to gain access to the root Terminal window.
19) An error in loginwindow can be exploited by malicious users with knowledge of two passwords to access other logged-in accounts when "Fast User Switching" is enabled without knowing these passwords.
20) The Mail component loads remote images in HTML emails (even with this disabled in the user's preferences), which can be exploited to enumerate valid email addresses.
21) Various errors in MySQL can potentially be exploited by malicious users to compromise a vulnerable system and by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
For more information:
SA14547
22) Three vulnerabilities in OpenSSL can be exploited by malicious people to cause a DoS (Denial-of-Service).
For more information:
SA11139
23) An unspecified boundary error in the ping utility can be exploited to cause a buffer overflow and potentially gain escalated privileges.
24) An error in QuartzComposerScreenSaver can be exploited by malicious people with physical access to open web pages while the RSS Visualizer screen saver is locked.
25) An error in Safari can be exploited to bypass the normal browser security checks and execute arbitrary commands when a link in a specially crafted rich text file is clicked.
26) A security issue in Safari when submitting forms on a XSL formatted page may cause the information to be submitted to the next visited web page.
27) A security issue in the SecurityInterface component may cause recently used passwords to be visible in the password assistant.
28) A boundary error in servermgrd during the authentication process can be exploited to cause a buffer overflow and execute arbitrary code.
29) A security issue in servermgr_ipfilter may cause certain firewall policies created with the Server Admin tool to not be written to the Active Rules.
30) Some vulnerabilities in Squirrelmail can be exploited to conduct cross-site scripting attacks or disclose and manipulate sensitive information.
For more information:
SA15721
SA16058
31) A boundary error in the traceroute utility can be exploited to cause a buffer overflow and execute arbitrary code.
32) An error in WebKit can be exploited to bypass normal browser security checks and execute arbitrary commands when a link in a specially crafted PDF document is clicked.
33) Various errors in Weblog Server can be exploited to conduct cross-site scripting attacks.
34) A vulnerability in X11 can potentially be exploited by malicious people to compromise a vulnerable system.
For more information:
SA14460
35) Errors in zlib can be exploited by malicious people to conduct a DoS against a vulnerable application or potentially to execute arbitrary code.
For more information:
SA15949
SA16137
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
