Apple Patches 17 Bugs

By Lisa Vaas  |  Posted 2007-05-25 Email Print this article Print
 
 
 
 
 
 
 

The company releases fixes for vulnerabilities ranging from system takeover to denial-of-service attacks.

Apple on May 24 released patches for 17 vulnerabilities spanning a host of technologies and a slew of potential unpleasantness: from system takeover to denial of service to password snatching.

The patches can be downloaded automatically by enabling Software Update or they can be downloaded at Apple's download site.

One of the worst bugs, found in CoreGraphics on Mac OS X v10.4.9 and Mac OS X Server v10.4.9, can lead to system capture or the application shutting down. This vulnerability doesn't affect systems earlier than Mac OS X v10.4.

Click here to read about more security holes in Mac OS X.

CoreGraphics is graphics technology; the name is often used interchangeably with the term "Quartz," which refers to two Mac OS X technologies found within the CoreGraphics framework.

For an exploit of CoreGraphics to be successful, a targeted user has to open a maliciously crafted PDF file. The vulnerability involves an integer overflow in the handling of PDF files. Opening the malicious PDF will trigger the overflow.

Another bad bug exists in the file command line tool in Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9. This vulnerability manifests itself when running the file command on a maliciously crafted file, which can lead to an application quitting or a system being taken over.

The file flaw has to do with a heap buffer overflow in the file command line tool.

Here are the other vulnerabilities:

Alias Manager

Affects Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

Impact: Users may be misled into opening a substituted file.

Due to implementation issues, Alias Manager under certain circumstances won't show identically named files contained in identically named mounted disk images. By enticing a user to mount two identically named disk images, an attacker could mislead the user into opening a malicious program, according to Apple.

BIND

There are four vulnerabilities in BIND in Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9. The worst can lead to a remote DoS (denial of service).

crontabs

The daily/tmp cleanup script may lead to a DoS in Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

When the daily cleanup script is executed, Filesystems mounted in the /tmp directory may be deleted, which may lead to a DoS.

fetchmail

Users can be tricked into disclosing their passwords because of a cryptographic weakness in Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

iChat

An attacker on a local network can cause a DoS or execute arbitrary code due to a buffer overflow vulnerability in the UPnP IGD (Internet Gateway Device) Standardized Device Control Protocol code used to create Port Mappings on home NAT gateways in iChat. The exploit works by sending a maliciously crafted packet that triggers the overflow. This bug affects Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

mDNSResponder

An attacker on a local network can cause DoS or execute arbitrary code due to a buffer overflow vulnerability in the UPnP IGD Standardized Device Control Protocol code used to create Port Mappings on home NAT gateways in the OS X mDNSResponder implementation. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow. The patch is for Mac OS X v10.4.9 and Mac OS X Server v10.4.9; versions prior to Mac OS X v10.4 aren't affected.

PPP

This vulnerability, which allows local users to obtain system privileges, is found in the PPP daemon when loading plug-ins via the command line. This one affects Mac OS X v10.4.9 and Mac OS X Server v10.4.9 but no systems prior to Mac OS X v10.4.

Ruby

The Ruby CGI library has a DoS vulnerability in its CGI library. An attacker can trigger a situation that could lead to a DoS by sending maliciously crafted HTTP requests to a Web application using cgi.rb. The patch is for Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

Screen

GNU Screen has multiple DoS vulnerabilities in its screen command tool. This affects Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9. GNU has more information on its site.

texinfo

A file-handling issue in texinfo may allow arbitrary files to be overwritten. The vulnerability may allow a local user to create or overwrite files with the privileges of a user running texinfo. This affects Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

VPN

The vpnd command has a format string vulnerability. Local users can trigger it with maliciously crafted arguments, which can lead to system takeover. This affects Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 and Mac OS X Server v10.4.9.

Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK's Security Watch blog.



 
 
 
 
Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters