CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 1st, 2008

16 Mac OS X Flaws Including DNS Vulnerability Fixed By Apple

Apple has updated Mac OS X security with patches for about 17 documented vulnerabilities, including a fix for the serious DNS cache poisoning vulnerability reported earlier. With Security Update 2008-005, Apple fixes flaws that could lead to privilege escalation, denial-of-service, information disclosure and arbitrary code execution attacks.

The update affects Mac OS X Server 10.4, Mac OS X 10.4.11, Mac OS X Server 10.5, and Mac OS X 10.5.4.

Patched vulnerability details are:

CVE-2008-1447 – BIND: A weakness in the DNS protocol may allow remote attackers to perform DNS cache poisoning attacks. As a result, systems that rely on the BIND server for DNS may receive forged information. This update addresses the issue by implementing source port randomization to improve resilience against cache poisoning attacks. For Mac OS X v10.4.11 systems, BIND is updated to version 9.3.5-P1. For Mac OS X v10.5.4 systems, BIND is updated to version 9.4.2-P1.
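As an added illustration (not code from Apple, BIND or the original article), the following Python sketch shows how a defender could judge whether a resolver's outbound queries show the source port randomization described above. The port lists are constructed samples, and the `MIN_SPAN` threshold and the function name are assumptions made for this example.

```python
import math

TXID_BITS = 16      # width of the DNS transaction ID field
MIN_SPAN = 4096     # assumed threshold: a smaller spread counts as a narrow pool

# Constructed samples of UDP source ports, in the order queries were observed.
FIXED = [53, 53, 53, 53, 53, 53]
SEQUENTIAL = [1024, 1025, 1026, 1027, 1028, 1029]
NARROW = [32768, 32770, 32769, 32775, 32771]
RANDOMIZED = [49152, 50311, 61002, 33017, 58990, 40123, 12044, 27651]


def assess_source_ports(ports):
    """Classify a resolver's outbound source ports and estimate guess difficulty.

    guess_bits is the transaction ID width plus a rough estimate of how many
    bits of unpredictability the observed port spread adds.
    """
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    span = max(ports) - min(ports)
    if span == 0:
        verdict, port_bits = "fixed", 0.0        # one port for every query
    elif len(set(deltas)) == 1:
        verdict, port_bits = "sequential", 0.0   # next port is predictable
    elif span < MIN_SPAN:
        verdict, port_bits = "narrow", math.log2(span + 1)
    else:
        verdict, port_bits = "randomized", math.log2(span + 1)
    return {"verdict": verdict, "span": span,
            "guess_bits": TXID_BITS + port_bits}


if __name__ == "__main__":
    samples = {"fixed": FIXED, "sequential": SEQUENTIAL,
               "narrow": NARROW, "randomized": RANDOMIZED}
    for name, ports in samples.items():
        result = assess_source_ports(ports)
        print(f"{name:11s} verdict={result['verdict']:10s} "
              f"span={result['span']:5d} guess_bits={result['guess_bits']:.1f}")
```

A resolver that still reports "fixed" or "sequential" after patching is often sitting behind a NAT device that rewrites source ports, so the check is best run from outside the network edge.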

CVE-2008-2320 – CarbonCore: A stack buffer overflow exists in the handling of long filenames. Processing long filenames may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.

CVE-2008-2830 – Open Scripting Architecture: A design issue exists in the Open Scripting Architecture libraries when determining whether to load scripting addition plugins into applications running with elevated privileges. Sending scripting addition commands to a privileged application may allow the execution of arbitrary code with those privileges. This update addresses the issue by not loading scripting addition plugins into applications running with system privileges.

CVE-2008-2321 – CoreGraphics: CoreGraphics contains memory corruption issues in the processing of arguments. Passing untrusted input to CoreGraphics via an application, such as a web browser, may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.

CVE-2008-2322 – CoreGraphics: An integer overflow in the handling of PDF files may result in a heap buffer overflow. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

CVE-2008-2323 – Data Detectors Engine: Viewing maliciously crafted content in an application that uses Data Detectors may lead to a denial of service, but not arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.5.

CVE-2008-2324 – Disk Utility: The “Repair Permissions” tool in Disk Utility makes /usr/bin/emacs setuid. After the Repair Permissions tool has been run, a local user may use emacs to run commands with system privileges. This update addresses the issue by correcting the permissions applied to emacs in the Repair Permissions tool.
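The following Python check is an added example, not part of Apple's update or the original article: it flags executables that carry the setuid bit, which is the condition Repair Permissions left on /usr/bin/emacs. The baseline allowlist and the function names are assumptions made for this example.

```python
import os
import stat

# Path named in the advisory text above.
ADVISORY_PATH = "/usr/bin/emacs"


def classify_mode(mode, uid):
    """Return a finding label for one file's st_mode/st_uid, or None if benign."""
    if not stat.S_ISREG(mode):
        return None        # only regular files are of interest here
    if not mode & stat.S_ISUID:
        return None        # no setuid bit set
    if not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return None        # setuid without any execute bit cannot be run
    # A root-owned setuid binary runs with system privileges for any caller.
    return "setuid-root" if uid == 0 else "setuid-user"


def audit(paths, baseline=frozenset()):
    """Report setuid executables that are not in the expected baseline.

    baseline is an assumed allowlist of paths that are meant to be setuid.
    """
    findings = []
    for path in paths:
        try:
            st = os.stat(path)   # follows symlinks: the target's mode is what matters
        except OSError:
            continue             # missing or unreadable path: nothing to report
        label = classify_mode(st.st_mode, st.st_uid)
        if label and path not in baseline:
            findings.append((path, label, stat.filemode(st.st_mode)))
    return findings


if __name__ == "__main__":
    for path, label, perms in audit([ADVISORY_PATH]):
        print(f"{label}: {path} {perms}")
```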

CVE-2008-2952 – OpenLDAP: An issue exists in OpenLDAP’s ASN.1 BER decoding. Processing a maliciously crafted LDAP message may trigger an assertion and lead to an unexpected application termination of the OpenLDAP daemon, slapd. This update addresses the issue by performing additional validation of LDAP messages.

CVE-2007-5135 – OpenSSL: A range checking issue exists in the SSL_get_shared_ciphers() utility function within OpenSSL. In an application using this function, processing maliciously crafted packets may lead to an unexpected application termination or arbitrary code execution.

CVE-2008-2051, CVE-2008-2050, CVE-2007-4850, CVE-2008-0599, CVE-2008-0674: PHP is updated to version 5.2.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at http://www.php.net/. PHP version 5.2.x is only provided with Mac OS X v10.5 systems.

CVE-2008-2325 – QuickLook: Multiple memory corruption issues exist in QuickLook’s handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution.

CVE-2007-6199, CVE-2007-6200 – rsync: Path validation issues exist in rsync’s handling of symbolic links when running in daemon mode. Placing symbolic links in an rsync module may allow files outside of the module root to be accessed or overwritten. Further information on the patches applied is available via the rsync web site at http://rsync.samba.org.
