6/30/2006
- Public (Proof-of Concept) Exploit Discovered for launchd
Vulnerability
Symantec
has posted a description for what they are calling OSX.Exploit.Launchd.
The PoC code is still being investigated, but it appears to
exploit the recently patched vulnerability in launchd (CVE-2006-1471).
This vulnerability was patched in Mac OS X Update 10.4.7.
The exploit
code was reported to milw0rm by Kevin Finisterre.
6/29/2006
- Apple OS X 10.4.7 .tiff "TIFFFetchAnyArray ()"
DoS
Tom
Ferris has posted a new advisory, which affects Mac OS X versions
10.4.7 and prior, when processing a malformed .tiff image
file. The vulnerability exists when the TIFFFetchAnyArray()
function does not properly parse and invalid tag, causing
the application in which it was opened, to crash.
Read the full
advisory here.
6/29/2006
- iTunes 6.0.5 Released
iTunes 6.0.5 addresses an integer overflow in the AAC file parsing that can lead to code execution. This vulnerability has been detailed in CVE-2006-1467:
CVE-ID: CVE-2006-1467
Available for: Mac OS X v10.2.8 or later, Windows XP / 2000
Impact: An integer overflow in iTunes could cause a denial of
service or lead to the execution of arbitrary code
Description: The AAC file parsing code in iTunes versions prior
to 6.0.5 contains an integer overflow vulnerability. Parsing a
maliciously-crafted AAC file could cause iTunes to terminate or
potentially execute arbitrary code. iTunes 6.0.5 addresses this
issue by improving the validation checks used when loading AAC
files. Credit to ATmaCA working with TippingPoint and the Zero Day
Initiative for reporting this issue.
6/28/2006
- F-Secure Posts Their Latest Data Security Summary
The
F-Secure research team, based in Helsinki, has posted their
latest video Data Security Summary. Amongst other topics,
Macintosh viruses / threats are discussed.
The
wrap-up can be found
here.
The video content (WMV format) is here.
The
discussion on Mac OS X viruses is a basic rehash or Leap.A
and Inqtana
6/28/2006
- Update on the Security Content of the Mac OS X 10.4.7 Update
We
have posted the specific security content here.
6/28/2006
- Mac OS X 10.4.7 Released
The
Mac OS X 10.4.7 Update has been released, and is currently
available for both PowerPC and Intel-based Macs. This update
includes a number of specific fixes, and security updates.
Mac OS X 10.4.7 is available via Software Update, or from
Apple's Site:
Mac
OS X Update 10.4.7 Combo Intel
Mac
OS X Update 10.4.7 Intel
Mac
OS X Update 10.4.7 Combo PPC
Mac
OS X Update 10.4.7 PPC
Mac
OS X Server Update 10.4.7 Combo
Mac
OS X Server Update 10.4.7
Apple
has yet to update their
site with specific security update information. Once it
is published we will update our posting as well.
6/27/2006
- Apple Mac OS X Multiple Command Execution and Privilege
Escalation Vulnerabilities
FrSirt
has posted the following advisory:
Advisory
ID : FrSIRT/ADV-2006-2566
CVE ID : CVE-2006-1468 - CVE-2006-1469 - CVE-2006-1470 - CVE-2006-1471
- CVE-2006-1989
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-06-27
Apple
has released security updates to address multiple vulnerabilities
identified in Mac OS X. These flaws could be exploited by
remote or local attackers to execute arbitrary commands, cause
a denial of service, or disclose sensitive information.
The first issue is due to an error in
the AFP server when displaying search results, which could
be exploited by malicious users to disclose the names of files
and folders for which they have no access.
The second vulnerability is due to a stack
overflow error in ImageIO when handling malformed TIFF images,
which could be exploited by attackers to crash an affected
application or compromise a vulnerable system via a specially
crafted TIFF image.
The third flaw is due to an error in the
OpenLDAP server that fails to properly handle invalid LDAP
requests, which could be exploited by remote attackers to
cause a denial of service.
The fourth issue is due to a format string
error in the setuid utility "launchd" when logging
messages, which could be exploited by malicious users to execute
arbitrary commands with elevated privileges.
The fifth vulnerability is due to an error
in ClamAV, which could be exploited by attackers to execute
arbitrary code by tricking a user into downloading virus signature
updates from a malicious web server. For additional information,
see : FrSIRT/ADV-2006-1586
The vulnerability is addressed in Mac
OS 10.4.7.
6/26/2006
- Check Point VPN-1 Secure Client
Check
Point has released their VPN-1 SecureClient for Mac OS X.
Benefits provided in this release include:
- Secured access to corporate resources
- Remote PC and handheld protection
- Flexible connectivity options
- Simplified central management for lower total cost of ownership
More
details.....
|