Focus on Apple
Security update fixes ARDAgent and DNS issues Aug 01 2008 03:15AM
Dave Schroeder (das doit wisc edu) (1 replies)
Apple just released Security Update 2008-005, which addresses the
ARDAgent and DNS security issues, among others:

http://support.apple.com/kb/HT2647

- Dave

Begin forwarded message:

> From: Apple Product Security <product-security-
> noreply (at) lists.apple (dot) com [email concealed]>
> Date: July 31, 2008 10:07:45 PM CDT
> To: security-announce (at) lists.apple (dot) com [email concealed]
> Subject: APPLE-SA-2008-07-31 Security Update 2008-005
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> APPLE-SA-2008-07-31 Security Update 2008-005
>
> Security Update 2008-005 is now available and addresses the following
> issues:
>
> Open Scripting Architecture
> CVE-ID: CVE-2008-2830
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: A local user may execute commands with elevated privileges
> Description: A design issue exists in the Open Scripting
> Architecture libraries when determining whether to load scripting
> addition plugins into applications running with elevated privileges.
> Sending scripting addition commands to a privileged application may
> allow the execution of arbitrary code with those privileges. This
> update addresses the issue by not loading scripting addition plugins
> into applications running with system privileges. The recently
> reported ARDAgent and SecurityAgent issues are addressed by this
> update. Credit to Charles Srstka for reporting this issue.
>
> BIND
> CVE-ID: CVE-2008-1447
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: BIND is susceptible to DNS cache poisoning and may return
> forged information
> Description: The Berkeley Internet Name Domain (BIND) server is
> distributed with Mac OS X, and is not enabled by default. When
> enabled, the BIND server provides translation between host names and
> IP addresses. A weakness in the DNS protocol may allow remote
> attackers to perform DNS cache poisoning attacks. As a result,
> systems that rely on the BIND server for DNS may receive forged
> information. This update addresses the issue by implementing source
> port randomization to improve resilience against cache poisoning
> attacks. For Mac OS X v10.4.11 systems, BIND is updated to version
> 9.3.5-P1. For Mac OS X v10.5.4 systems, BIND is updated to version
> 9.4.2-P1. Credit to Dan Kaminsky of IOActive for reporting this
> issue.
>
> CarbonCore
> CVE-ID: CVE-2008-2320
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Processing long filenames may lead to an unexpected
> application termination or arbitrary code execution
> Description: A stack buffer overflow exists in the handling of long
> filenames. Processing long filenames may lead to an unexpected
> application termination or arbitrary code execution. This update
> addresses the issue through improved bounds checking. Credit to
> Thomas Raffetseder of the International Secure Systems Lab and Sergio
> 'shadown' Alvarez of n.runs AG for reporting this issue.
>
> CoreGraphics
> CVE-ID: CVE-2008-2321
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Visiting a maliciously crafted website may lead to an
> unexpected application termination or arbitrary code execution
> Description: CoreGraphics contains memory corruption issues in the
> processing of arguments. Passing untrusted input to CoreGraphics via
> an application, such as a web browser, may lead to an unexpected
> application termination or arbitrary code execution. This update
> addresses the issue through improved bounds checking. Credit to
> Michal Zalewski of Google for reporting this issue.
>
> CoreGraphics
> CVE-ID: CVE-2008-2322
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Viewing a maliciously crafted PDF file may lead to an
> unexpected application termination or arbitrary code execution
> Description: An integer overflow in the handling of PDF files may
> result in a heap buffer overflow. Viewing a maliciously crafted PDF
> file may lead to an unexpected application termination or arbitrary
> code execution. This update addresses the issue through additional
> validation of PDF files. Credit to Pariente Kobi working with the
> iDefense VCP for reporting this issue.
>
> Data Detectors Engine
> CVE-ID: CVE-2008-2323
> Available for: Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Viewing maliciously crafted messages with Data Detectors may
> lead to an unexpected application termination
> Description: Data Detectors are used to extract reference
> information from textual content or archives. A resource consumption
> issue exists in Data Detectors' handling of textual content. Viewing
> maliciously crafted content in an application that uses Data
> Detectors may lead to a denial of service, but not arbitrary code
> execution. This issue does not affect systems prior to Mac OS X
> v10.5.
>
> Disk Utility
> CVE-ID: CVE-2008-2324
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
> Impact: A local user may obtain system privileges
> Description: The "Repair Permissions" tool in Disk Utility makes
> /usr/bin/emacs setuid. After the Repair Permissions tool has been
> run, a local user may use emacs to run commands with system
> privileges. This update addresses the issue by correcting the
> permissions applied to emacs in the Repair Permissions tool. This
> issue does not affect systems running Mac OS X v10.5 and later.
> Credit to Anton Rang and Brian Timares for reporting this issue.
>
> OpenLDAP
> CVE-ID: CVE-2008-2952
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: A remote attacker may be able to cause an unexpected
> application termination
> Description: An issue exists in OpenLDAP's ASN.1 BER decoding.
> Processing a maliciously crafted LDAP message may trigger an
> assertion and lead to an unexpected application termination of the
> OpenLDAP daemon, slapd. This update addresses the issue by performing
> additional validation of LDAP messages.
>
> OpenSSL
> CVE-ID: CVE-2007-5135
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: A remote attacker may be able to cause an unexpected
> application termination or arbitrary code execution
> Description: A range checking issue exists in the
> SSL_get_shared_ciphers() utility function within OpenSSL. In an
> application using this function, processing maliciously crafted
> packets may lead to an unexpected application termination or
> arbitrary code execution. This update addresses the issue through
> improved bounds checking.
>
> PHP
> CVE-ID: CVE-2008-2051, CVE-2008-2050, CVE-2007-4850, CVE-2008-0599,
> CVE-2008-0674
> Available for: Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Multiple vulnerabilities in PHP 5.2.5
> Description: PHP is updated to version 5.2.6 to address multiple
> vulnerabilities, the most serious of which may lead to arbitrary code
> execution. Further information is available via the PHP website at
> http://www.php.net/ PHP version 5.2.x is only provided with Mac OS X
> v10.5 systems.
>
> QuickLook
> CVE-ID: CVE-2008-2325
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Downloading a maliciously crafted Microsoft Office file may
> lead to an unexpected application termination or arbitrary code
> execution
> Description: Multiple memory corruption issues exist in QuickLook's
> handling of Microsoft Office files. Downloading a maliciously crafted
> Microsoft Office file may lead to an unexpected application
> termination or arbitrary code execution. This update addresses the
> issue through improved bounds checking. This issue does not affect
> systems prior to Mac OS X v10.5.
>
> rsync
> CVE-ID: CVE-2007-6199, CVE-2007-6200
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.4, Mac OS X Server v10.5.4
> Impact: Files outside the module root may be accessed or overwritten
> remotely
> Description: Path validation issues exist in rsync's handling of
> symbolic links when running in daemon mode. Placing symbolic links in
> an rsync module may allow files outside of the module root to be
> accessed or overwritten. This update addresses the issue through
> improved handling of symbolic links. Further information on the
> patches applied is available via the rsync web site at
> http://rsync.samba.org/
>
> Security Update 2008-005 may be obtained from the Software Update
> pane in System Preferences, or Apple's Software Downloads web site:
> http://www.apple.com/support/downloads/
>
> For Mac OS X v10.5.4 and Mac OS X Server 10.5.4
> The download file is named: "SecUpd2008-005.dmg"
> Its SHA-1 digest is: 9c4fd4ee59965819427445f6de172c42b223e6e1
>
> For Mac OS X v10.4.11 (Intel)
> The download file is named: "SecUpd2008-005Intel.dmg"
> Its SHA-1 digest is: 1ff3242935c98325769b33148a2a8b1e72db567c
>
> For Mac OS X v10.4.11 (PPC)
> The download file is named: "SecUpd2008-005PPC.dmg"
> Its SHA-1 digest is: 2f56ea4311d5b85de3c494f6fee46360e5b7317e
>
> For Mac OS X Server v10.4.11 (Universal)
> The download file is named: "SecUpdSrvr2008-005Univ.dmg"
> Its SHA-1 digest is: 256401659308a634cee06b00d1a6ae9dc20b5467
>
> For Mac OS X Server v10.4.11 (PPC)
> The download file is named: "SecUpdSrvr2008-005PPC.dmg"
> Its SHA-1 digest is: d310d471bd39df92cb5580e18f356a222824d7d2
>
> Information will also be posted to the Apple Security Updates
> web site: http://support.apple.com/kb/HT1222
>
> This message is signed with Apple's Product Security PGP key,
> and details are available at:
> http://www.apple.com/support/security/pgp/
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.0.3 (Build 2932)
>
> iQEVAwUBSJJ9c3kodeiKZIkBAQiWmggAmx3HBLe2vwoDmCr+ycU+orkLNDvRW0zJ
> Kq8rJZNRC4HwoDvAdduzNcwL9vudnJqcY0ZEGaXp6USRPjvioFUZJNUoDG/1goj5
> E6q9velCEgu67WBT66ampy9oyqaHFP5YdWKKDg4AvGeFiJqgplFsBEaCqr7xigoh
> T+xbPAzWt5aXp8rlAnZPhEFbK7ZAQEGEtoc5UnSdTlm4mwDdMRszG8JhgpoiII72
> 8LIjZpf7cMf0neUua2pvGDNITHoZfNWg2a11CyIDilIPUj7Vl4Rhfw6b+bcSK6Po
> FMS1ZF0D9I58j6KLQ2LuSr0lB0Xd1tfsZGlCNdWQzK5RH/UrmbEMXg==
> =k/dw
> -----END PGP SIGNATURE-----
0? *?H?÷
 ?0?1 0 +0? *?H?÷
 ?>0?ô0?] DM0
 *?H?÷
0S1 0 UUS10U
Equifax Secure Inc.1&0$UEquifax Secure eBusiness CA-10
050829160720Z
150829160720Z0?1 0 UUS1+0)U
"Division of Information Technology1#0!U Faculty - Staff - Students1(0&UUniversity of Wisconsin-Madison0?0
 *?H?÷
0?èHQÜ%wË ktëùNßM}V?ïȶÂ#¹.³S*?¥I|R±%ö3?~?cëG:!+·Ä? ÇL$ò­©«
8)?¿.Æ01qL|?I?¿Öm²\×[¼'¯íG̪»´V ?ëùçe><|¯÷?°
æp;?Ã??£?0?0Uÿ?0U?RRbG,k,¸iñ©7,#$0U
#0?Jx2RÛY6^ßÁ6@jG|L¡0Uÿ0ÿ09U2000. , *?(http://cr
l.geotrust.com/crls/ebizca1.crl0
 *?H?÷
%ñDX3wç֍ת· ?7kæÞßµ±z°c_?+åLÓPpGOsÉ>ف¬ÐDÓ±Ü-++?ü}£Z?? d£Áù'öTï¡*)ÿw~G²?¨ø
Oµö¬U~ºbSJh,óN¨GTaßs\ÇDØéR#êeb¨Åg0?B0?« ?0
 *?H?÷
0?1 0 UUS1+0)U
"Division of Information Technology1#0!U Faculty - Staff - Students1(0&UUniversity of Wisconsin-Madison0
070724175606Z
080920175606Z0Ð1 0 UUS10U Wisconsin10UMadison1(0&U
University of Wisconsin-Madison1#0!U Faculty - Staff - Students10U Token -10UDavid Schroeder1 0 *?H?÷
 das (at) doit.wisc (dot) edu0 [email concealed]?0
 *?H?÷
0????èöÆ?³G¡J[ ¨×
Qò?sJ?'Uî.øë
ÂC«ÓmÂ?5(¢?äðÛ¢1?Hµ8iä¬C°«é£ Ê¢4ÝsR|F?Sû?©¶2±ï?Æ?´zó?¬ÿPïí?ð?ÖÜ5àò?ݐ?ÕÍnæ?y
>ªÛ% ?ä¹£p0n0Uÿà0;U40200 . ,?*http://crl.geotrust.com/cr
ls/wisconsin.crl0U#0??RRbG,k,¸iñ©7,#$0
 *?H?÷
ß¢úx IíN®?t ý¼¬Åƪ¡ q ?Þ¦`,]H?)u?Há?tm³°é¥¾0ñÊOV6¾Ô?
&@v?@¯IÿßO=?~ÿuC"i?Â?N??0ÔÉ® G¥ªÙ»rs5ì#¯P?ÑËpÍX¯âô³©ÖÙ?Ðz?YuVC?ö?1?â0?Þ00?1 0 UUS1+0)U
"Division of Information Technology1#0!U Faculty - Staff - Students1(0&UUniversity of Wisconsin-Madison?0 + ?§0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
080801031548Z0# *?H?÷
 1¯9Gó???Ï&Q?¤N , ¥}X0¡ +?71?00?1 0 UUS1+0)U
"Division of Information Technology1#0!U Faculty - Staff - Students1(0&UUniversity of Wisconsin-Madison?0£ *?H?÷
  1? 0?1 0 UUS1+0)U
"Division of Information Technology1#0!U Faculty - Staff - Students1(0&UUniversity of Wisconsin-Madison?0
 *?H?÷
?vÌNÆÜôj+9 ?|ÄpË
8YÏ,Å4@uëý¹gÙFh??»Âæh7¬Õ¢~îÅÔò)@·ä?SöZ??ù¦ÚÎ?T
e?MÌÁð͝»­? ,ìçÔVG(*OÅç1 Xû é5Ô?ÕÇ?Kcj?hA¥?SpÅ·Ì

[ reply ]
Re: Security update fixes ARDAgent and DNS issues Aug 02 2008 10:19PM
Indy (ind cca smith gmail com) (1 replies)
Re: Security update fixes ARDAgent and DNS issues Aug 03 2008 09:05AM
Derek Chesterfield (dez mac com) (1 replies)
Re: Security update fixes ARDAgent and DNS issues Aug 03 2008 01:33PM
Indy (ind cca smith gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus