Date: 30th September 2005
Risk:
High
Apple has released a security update for Mac OS X that patches a multitude of vulnerabilities including Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, and System access.
The components affected can be found at the referenced website. Some of these include:
traceroute
| Available for: | Mac OS X v10.3.9, Mac OS X Server v10.3.9 |
|---|
| Impact: | A buffer overflow could result in local privilege escalation and arbitrary code execution. |
|---|
| Description: | The traceroute utility is vulnerable to a buffer overflow. This update prevents the buffer overflow from occurring. This issue does not affect systems running Mac OS X v10.4. |
|---|
Apache 2
| Available for: | Mac OS X Server v10.3.9 |
|---|
| Impact: | The htdigest program contains a buffer overflow, which, if used improperly in a CGI application, could allow a remote system compromise. |
|---|
| Description: | The htdigest program contains a buffer overflow, and could be used in a CGI application to manage user access controls to a web server. This update fixes the buffer overflow in htdigest. Apple does not provide any CGI applications that use the htdigest program. Apache 2 ships only with Mac OS X Server, and is off by default. This issue was fixed for Apache 1.3 in Security Update 2005-005. |
|---|
Bluetooth
| Available for: | Mac OS X v10.4.2, Mac OS X Server v10.4.2 |
|---|
| Impact: | The System Profiler information about whether or not a Bluetooth device requires authentication is misleading. |
|---|
| Description: | Selecting "Require pairing for security" in Bluetooth preferences correctly sets the device to require authentication, but in System Profiler the device is labelled with "Requires Authentication: No." This update changes System Profiler to accurately reflect the Bluetooth security settings. This issue does not affect systems prior to Mac OS X 10.4. |
|---|
Directory Services
| Available for: | Mac OS X Server v10.3.9, Mac OS X Server v10.4.2 |
|---|
| Impact: | A buffer overflow in Directory Services could lead to remote execution of arbitrary code. |
|---|
| Description: | A buffer overflow in the handling of authentication can lead to arbitrary code execution by a remote attacker. This update prevents the buffer overflow from occurring. |
|---|
Kerberos
| Available for: | Mac OS X v10.4.2, Mac OS X Server v10.4.2 |
|---|
| Impact: | Kerberos-enabled logins when using LDAP can result in root compromise. |
|---|
| Description: | When Kerberos authentication is enabled in addition to LDAP, it was possible to gain access to a root Terminal window. Kerberos authentication has been updated to prevent this situation. This issue does not affect systems prior to Mac OS X v10.4. |
|---|
MySQL
| Available for: | Mac OS X Server v10.3.9 |
|---|
| Impact: | Multiple vulnerabilities in MySQL, including arbitrary code execution by remote authenticated users. |
|---|
| Description: | MySQL is updated to version 4.0.24 to address several issues. This does not affect systems running Mac OS X v10.4 as Tiger shipped with MySQL version 4.1.10a, which is patched against this issue. The MySQL announcement for version 4.0.24 is located at http://dev.mysql.com/doc/mysql/en/news-4-0-24.html |
|---|
ping
| Available for: | Mac OS X v10.3.9, Mac OS X Server v10.3.9 |
|---|
| Impact: | A buffer overflow could result in local privilege escalation and arbitrary code execution. |
|---|
| Description: | The ping utility is vulnerable to a buffer overflow. This update prevents the buffer overflow from occurring. This issue does not affect systems running Mac OS X v10.4. |
|---|
References