Mac Security News
 

Providing daily security updates for Apple Mac OS X and related applications and technologies

Home

Podcasts

Forums

Links

Contact Us / Advertising

 

Information

Home

Antivirus

Spyware/Adware

IPS/IDS

Physical Security

Contact Us

About Us

Archives

  

Stories For the Week of May 29, 2006

 

6/2/2006 - MySQL Multibyte Encoding SQL Injection Vulnerability

A vulnerability has been disclosed, which could allow for SQL injection attacks.According to the Secunia advisory "he vulnerability is caused due to an error within the server when parsing a query string that is escaped with the "mysql_real_escape_string()" function". Vulnerable users can upgrade to either MySQL 4.1.20 or 5.0.22.

 

6/1/2006 - Mozilla Firefox 1.5.0.4 Released

Mozilla Firefox 1.5.0.4 is now available. This release provides improved product stability, as well as several security updates. Five of the updates are rated at critical and include privilege escalation, buffer overflow, memory corruption, and a remote compromise vulnerabilities. The update can be downloaded from Mozilla's site, or acquired via the 'Check For Updates' command in the 'Help' menu. It should also be noted that Mozilla Thunderbird was released on 5/31/2006. This release provides universal binary support for Intel-based Macs...as well as several security updates.

 

 

5/31/2006 - SSH Tunnel Manager Allows the Creation of Custom SSH Tunnels

A recent article at nonstopmac.com provides a thorough tutorial on how to use SSH Tunnel Manager (from Tynsoe.org) to create your own secure connections. This can come in handy in situations where an encrypted connection is required, but not necessarily provided by the target service.

Read more...

 

5/31/2006 - Apple Releases Quicktime 7.1.1

Quicktime 7.1.1 has been released to address issues incurred after installing Quicktime 7.1 and the Apple Security Update 2006-003.

 

5/30/2006 - ADmitMac 3.2 Released

Thursby has released ADmitMac 3.2. This release provides support on Intel-based Mac, as well as a few other fixes and feature updates.

"ADmitMac is tailored for multi-user, multi-computer scenarios with administrator defined network security. It supports the highest levels of security and does not require the downgrading of security when using Windows Server 2003. Kerberos is used to provide secure directory access, thus reducing the risk of unwanted disclosure, spoofing, and man-in-the middle attacks. ADmitMac works with domains configured using Microsoft’s Highly Secure (HISEC) security templates, automatically configuring the Macintosh to use Kerberos, obtains the necessary security keys from the domain and performs mutual authentication requiring the server to prove its identify. ADmitMac also works with older NT directory services. "

 

 

 
 

Quick Items

05/18/2006 - dotDefender 2.16 Released


05/01/2006 -SABAGSecurity episode 41.



 Threat List


 

 
Web macsecuritynews.com
 

 

 

Copyright 2006 - Macsecuritynews.com