what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Technical Cyber Security Alert 2008-43B

Technical Cyber Security Alert 2008-43B
Posted Feb 12, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-043B - Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service. Systems affected include Apple Mac OS X versions prior to and including 10.4.11 and 10.5.1 and Apple Mac OS X Server versions prior to and including 10.4.11 and 10.5.1.

tags | advisory, denial of service, arbitrary, vulnerability
systems | apple, osx
SHA-256 | ad0609bce659248c5bdd08afd89dc55894858d34d2af81e86ef96c37923ce080

Technical Cyber Security Alert 2008-43B

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA08-043B


Apple Updates for Multiple Vulnerabilities

Original release date: February 12, 2008
Last revised: --
Source: US-CERT


Systems Affected

* Apple Mac OS X versions prior to and including 10.4.11 and 10.5.1
* Apple Mac OS X Server versions prior to and including 10.4.11 and
10.5.1

These vulnerabilities affect both Intel and PowerPC platforms


Overview

Apple has released Security Update 2008-001 and OS X version 10.5.2 to
correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X
Server. Attackers could exploit these vulnerabilities to execute
arbitrary code, gain access to sensitive information, or cause a
denial of service.


I. Description

Apple Security Update 2008-001 and Apple Mac OS X version 10.5.2
address a number of vulnerabilities affecting Apple Mac OS X and OS X
Server versions prior to and including 10.4.11 and 10.5.1. Further
details are available in the US-CERT Vulnerability Notes Database.

The update also addresses vulnerabilities in other vendors' products
that ship with Apple OS X or OS X Server. These products include Samba
and X11.


II. Impact

The impacts of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
and denial of service.


III. Solution

Install updates from Apple

Install Apple Security Update 2008-001 or Apple Mac OS X version
10.5.2. These and other updates are available via Software Update or
via Apple Downloads.


IV. References

* US-CERT Vulnerability Notes for Apple Security Update 2008-001 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple_security_update_2008_001>

* About the security content of Mac OS X 10.5.2 and Security Update2008-001 -
<http://docs.info.apple.com/article.html?artnum=307430>

* About the Mac OS X 10.5.2 Update -
<http://docs.info.apple.com/article.html?artnum=307109>

* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>

* Apple - Support - Downloads -
<http://www.apple.com/support/downloads/>

* X.org Foundataion Security Advisories -
<http://www.x.org/wiki/Development/Security>

* Samba Security Releases -
<http://www.samba.org/samba/history/security.html>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA08-043B.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA08-043B Feedback VU#774345" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2008 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

February 12, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR7HyXPRFkHkM87XOAQLgawf/WfBp5mjT+DZriprWRqe1HM4Z9SSe/5Dg
jMgSlX1j/YJC7FgZfjJvriQ+yXeOnhwvKggfTbkJWej+0AeRbyIUFWD/ZTh2Qylp
/1vBehJW9nhT2yMT65/gT/MnbArN11AILkfSGr4W6xLPMR2zq0HsrP2SxYlAVkSO
PPlo0KhWWATcjHjJEacdmry4fR6iv6xA0gFjWN6i18VX5LSMOEyO3LpDt+Rk8fet
r7Pwi/QEr/nipEEw8R8Jg9+LT8dqQL1t+yhTa5pV1rceuEb3Cz67paHAqRneldW9
SAl/TPznmYCCMHqyOfHdRBUVvOxI09OPjHYkf7ghv5e06LqbfVMZug==
=qwP5
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close