PDA

View Full Version : Whoa! OS X Vulnerabilities


Bob Dole
05-16-2005, 03:17 PM
You don't see these every day.


Technical Cyber Security Alert TA05-136A
Apple Mac OS X is affected by multiple vulnerabilities

Original release date: May 16, 2005
Last revised: --
Source: US-CERT

Systems Affected

Mac OS X version 10.3.9 (Panther) and Mac OS X Server version 10.3.9

Overview

Apple has released Security Update 2005-005 to address multiple
vulnerabilities affecting Mac OS X and Mac OS X Server. The most
serious of these vulnerabilities may allow a remote attacker to
execute arbitrary code. Impacts of other vulnerabilities addressed by
the update include disclosure of information and denial of service.

I. Description

Apple Security Update 2005-005 resolves a number of vulnerabilities
affecting Mac OS X and OS X Server. Further details are available in
the following Vulnerability Notes:

VU#356070 - Apple Terminal fails to properly sanitize input for
x-man-page URI

Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing
a remote attacker to execute arbitrary commands.
(CAN-2005-1342)

VU#882750 - libXpm image library vulnerable to buffer overflow

libXpm image parsing code contains a buffer-overflow vulnerability
that may allow a remote attacker execute arbitrary code or cause a
denial-of-service condition.
(CAN-2004-0687)

VU#125598 - LibTIFF vulnerable to integer overflow via corrupted
directory entry count

An integer overflow in LibTIFF may allow a remote attacker to execute
arbitrary code.
(CAN-2004-1308)

VU#539110 - LibTIFF vulnerable to integer overflow in the
TIFFFetchStrip() routine

An integer overflow in LibTIFF may allow a remote attacker to execute
arbitrary code.
(CAN-2004-1307)

VU#537878 - libXpm library contains multiple integer overflow
vulnerabilities

libXpm contains multiple integer-overflow vulnerabilities that may
allow a remote attacker execute arbitrary code or cause a
denial-of-service condition.
(CAN-2004-0688)

VU#331694 - Apple Mac OS X chpass/chfn/chsh utilities do not properly
validate external programs

Mac OS X Directory Service utilities do not properly validate code
paths to external programs, potentially allowing a local attacker to
execute arbitrary code.
(CAN-2004-1335)

VU#582934 - Apple Mac OS X Foundation framework vulnerable to buffer
overflow via incorrect handling of an environmental variable

A buffer overflow in Mac OS X's Foundation Framework's processing of
environment variables may lead to elevated privileges.
(CAN-2004-1336)

VU#706838 - Apple Mac OS X vulnerable to buffer overflow via vpnd
daemon

Apple Mac OS X contains a buffer overflow in vpnd that could allow a
local, authenticated attacker to execute arbitrary code with root
privileges.
(CAN-2004-1343)

VU#258390 - Apple Mac OS X with Bluetooth enabled may allow file
exchange without prompting users

Apple Mac OS X with Bluetooth support may unintentionally allow files
to be exchanged with other systems by default.
(CAN-2004-1332)

VU#354486 - Apple Mac OS X Server Netinfo Setup Tool fails to validate
command line parameters

Apple Mac OS X Server NeST tool contains a vulnerability in the
processing of command line arguments that could allow a local attacker
to execute arbitrary code.
(CAN-2004-0594)

Please note that Apple Security Update 2005-005 addresses additional
vulnerabilities not described above. As further information becomes
available, we will publish individual Vulnerability Notes.

II. Impact

The impacts of these vulnerabilities vary, for information about
specific impacts please see the Vulnerability Notes. Potential
consequences include remote execution of arbitrary code or commands,
disclosure of sensitive information, and denial of service.

III. Solution

Install an Update

Install the update as described in Apple Security Update 2005-005.

NewChief
05-16-2005, 05:11 PM
I've also been reading some disturbing possibilities with the new desktop widget code in Tiger. If you don't know, widgets are sort of an updated Applescript that allows you to automate all kinds of tasks and set up little mini applications that do things (like pull down weather reports). Anyway, these widgets are can do all sorts of things (like read/write/erase files) without enquiring with the user. The idea is also to make them open source so that people will add to them, create their own, etc.

You get the idea. They're applications that can do anything to your computer that will be uploaded, traded, and downloaded online. Sort of scary if people decide to start targeting Macs. Now, I haven't really seen anything firm, but there's been some discussion on spymac.com about them that worried me.

ENDelt260
05-16-2005, 05:46 PM
Someone gives enough of a shit about a Mac to try to hack it? I am amazed.

Boozer
05-16-2005, 08:20 PM
Get Firefox.

[/had to be done]

Jenson71
05-16-2005, 08:32 PM
Get Firefox.


Or reboot.

Count Zarth
05-16-2005, 08:38 PM
Someone gives enough of a shit about a Mac to try to hack it? I am amazed.

ROFL ROFL

unlurking
05-16-2005, 09:44 PM
I've also been reading some disturbing possibilities with the new desktop widget code in Tiger. If you don't know, widgets are sort of an updated Applescript that allows you to automate all kinds of tasks and set up little mini applications that do things (like pull down weather reports). Anyway, these widgets are can do all sorts of things (like read/write/erase files) without enquiring with the user. The idea is also to make them open source so that people will add to them, create their own, etc.

You get the idea. They're applications that can do anything to your computer that will be uploaded, traded, and downloaded online. Sort of scary if people decide to start targeting Macs. Now, I haven't really seen anything firm, but there's been some discussion on spymac.com about them that worried me.
Logging users into the system with admin rights as been an evil problem with Windows. Take a good open source concept and screw it over by gicing privileges to the idiots that respond to 411 emails.

Sadly, I still know several *nix users who only login with root. I thought they'd evolve beyond that by now, but I guess Intelligent Design wasn't intelligent enough.