Security Update 2005-006 Released

Discussion in 'MacRumors News Discussion (archive)' started by MacRumors, Jun 8, 2005.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]

    Now available via Software Update:
     
  2. macrumors 6502a

    AoWolf

    Joined:
    Nov 17, 2003
    Location:
    Daytona Beach
    #2
    Keep them coming apple. (not that we need them ;-) ) I wonder just how long OS X will last virus free...
     
  3. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #3
    Until someone installs it on a Dell! ;) :eek: :D

    (And that was just a pot shot, please no sixteen replies from newbies telling me how having MacOS pirated onto a Dell is totally unrelated to virus propagation! ;))
     
  4. Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Kepler-452b
    #4
    Some details

    AFP Server
    Impact: A buffer overflow in support for legacy clients could permit the running of arbitrary code.

    Description: The Mac OS X AFP Server supports a number of legacy clients. A buffer overflow in support for one of these clients could permit arbitrary code to run. This update modifies the AFP Server to correct this buffer overflow. This issue does not affect systems prior to Mac OS X 10.4.​
    AFP Server
    Impact: On an AFP Server that uses an ACL-enabled volume for storage, copying a file with POSIX-only permissions can leave an ACL attached.

    Description: When copying a local file to an AFP Server that is using an ACL-enabled volume for storage, a temporary ACL is attached to the remote object during the copy process. This ACL can be left behind if the file copy went into a directory that was not using ACLs. The ACL that is left behind could cause confusion, as it will override the POSIX file permissions for the file owner. The ACL does not permit other users to access the file. This update modifies the AFP Server so that it correctly removes the ACL that is used for copying the file. This issue does not affect systems prior to Mac OS X 10.4.​
    Bluetooth
    Impact: Directory traversal via Bluetooth object exchange

    Description: Due to insufficient input checking, the Bluetooth object exchange services could be used to access files outside of the default file exchange directory. This update provides an additional security improvement over the previous release by adding enhanced filtering for path-delimiting characters. Credit to kf_lists[at]digitalmunition[dot]com for reporting this issue.​
    CoreGraphics
    Impact: Applications that use either PDFKit or CoreGraphics to render poorly-formed PDF documents could abort due to a NULL pointer dereference.

    Description: If a poorly-formed PDF document is passed to PDFKit or CoreGraphics for rendering, the rending engine will detect an error and stop processing. As part of the cleanup process, a check for a NULL pointer is omitted. This omission can cause an application that handles PDF documents to abort, requiring that the application be restarted. CoreGraphics is updated to correctly handle the cleanup of poorly-formed PDF documents. This issue does not affect systems prior to Mac OS X 10.4. Credit to Chris Evans for reporting this issue.​
    CoreGraphics
    Impact: Console users can gain root privileges.

    Description: The CoreGraphics Window Server is updated to disallow unprivileged users from launching commands into root sessions. This issue does not affect systems prior to Mac OS X v10.4.​
    Folder Permissions
    Impact: Potential file race condition via world- and group-writable permissions on two directories.

    Description: Secure folder permissions are applied to protect the system's cache folder and Dashboard system widgets. This exposure does not exist in systems prior to Mac OS X v10.4. Credit to Michael Haller at info@cilly.com for reporting this issue.​
    launchd
    Impact: The setuid program launchd can allow local privilege escalation.

    Description: A vulnerability in launchd allows local users to gain ownership of arbitrary files. The launchd command is updated to safely change ownership of files. Credit to Neil Archibald of Suresec LTD for reporting this issue. This issue does not affect systems prior to Mac OS X v10.4.​
    LaunchServices
    Impact: File extensions and mime types marked as unsafe but not mapped to an Apple UTI could bypass download safety checks.

    Description: Mac OS X 10.4 contains a database of known unsafe file extensions and mime types. If an addition to the unsafe types database was made without a corresponding Apple UTI (Uniform Type Identifier), then a query on certain forms of the file extension or mime type would not be marked as unsafe. All entries in the current unsafe type database are mapped to an Apple UTI. This update corrects the query code to correctly identify unsafe file extensions and mime types regardless of the presence of an Apple UTI. This issue does not affect systems prior to Mac OS X 10.4.​
    MCX Client
    Impact: Portable Home Directory credentials may be available to local system users.

    Description: MCX Client is updated to not log portable home directory mounting credentials. This issue does not affect systems prior to Mac OS X v10.4.​
    NFS
    Impact: An NFS export that's restricted using -network and -mask flags will export to "everyone."

    Description: The use of -network and -mask on a filesystem listed in the NFS exports file would result in that filesystem being exported to "everyone." This update modifies the NFS exporting code to correctly set the network and mask parameters. This issue does not affect systems prior to Mac OS X 10.4.​
    PHP
    Impact: Multiple vulnerabilities in PHP, including remote denial of service and execution of arbitrary code.

    Description: PHP is updated to version 4.3.11 to address several issues. The PHP release announcement for version 4.3.11 is located at http://www.php.net/release_4_3_11.php.​
    VPN
    Impact: A local user can obtain root privileges if the system is being used as a VPN server.

    Description: A buffer overflow in "vpnd" could be used by a local user to obtain root privileges if the system is configured as a VPN server. This issue does not occur on systems that are configured as a VPN client. This issue cannot be exploited remotely. This update prevents the buffer overflow from occurring. This issue was fixed for Mac OS X v10.3.9 via Security Update 2005-005. Credit to Pieter de Boer of the master SNB at the Universiteit van Amsterdam (UvA) for reporting this issue.​
     
  5. macrumors newbie

    Joined:
    Feb 24, 2005
  6. macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #6
    I updated and rebooted about an hour ago, and everything seems to run fine, but what are the green blob in the dock that says "Start" and the "My Computer" desktop icon for?
     
  7. macrumors 68040

    MattG

    Joined:
    May 27, 2003
    Location:
    Fletcher, NC
    #7

    Actually...no! At least there's no "reboot" symbol next to the update as I'm looking at it. I'll probably reboot anyway though.

    EDIT: Eh...I take it back. No reboot for my Panther machine, but there is a reboot for Tiger.
     
  8. macrumors newbie

    Joined:
    Feb 24, 2005
    #8
    There was a reboot required for me. Well, its up and ready to go in <1 min. I love this thing!! (I switched about a week and a half ago.)
     
  9. Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Kepler-452b
    #9
    Software update insists "Restart will be required" for me (on Tiger 10.4.1).
     
  10. macrumors 68020

    Joined:
    Apr 18, 2004
    #10
    yeah i had to reboot as well.. though widgets took longer than normal to refresh after that reboot.. hrm...
     
  11. macrumors regular

    Joined:
    Oct 27, 2003
    Location:
    Staten Island, NY
    #11
    I wonder if they've taken this opportunity to sneak in a bugfix for the issue with launchd failing to run scheduled jobs more than once (making it useless as a cron replacement, one of its intended uses). Probably not, but I can hope... *loads Software Update, clicks on Install*
     
  12. macrumors regular

    Joined:
    Jul 1, 2004
    #12
    This should put an end to the "the switch to x86 will bring us buffer overflows" argument.
     
  13. macrumors 6502a

    quackattack

    Joined:
    Aug 13, 2004
    Location:
    Boise, ID
    #13
    Is this the part where everyone starts bitching about their uptime? ;)
     
  14. macrumors 603

    Stella

    Joined:
    Apr 21, 2003
    Location:
    Canada
    #14
    ROTFL.

    Hope 10.4.2 is out soon for functionality improvements.
     
  15. macrumors regular

    Joined:
    Jan 24, 2004
    Location:
    Columbus, OH
    #15
    Mac OS X is not now, nor has ever been virus free....there's just been a bunch of pointless virii that do nto work in a UNIX environment.
     
  16. Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Kepler-452b
    #16
    That's actually a good sign. That means that something happens when the O.S. changes, or perhaps each time it is booted, that optimizations or caching later make unnecessary. So your widgets are faster each time other than the first.
     
  17. macrumors P6

    Peace

    Joined:
    Apr 1, 2005
    Location:
    Space--The ONLY Frontier
    #17
    I ran the disk utility after rebooting and got this :
    We are using special permissions for the file or directory ./Library/Widgets. New permissions are 16877
     
  18. macrumors 68020

    Joined:
    Apr 18, 2004
    #18
    yeah i got the same thing..
     
  19. macrumors 603

    iSaint

    Joined:
    May 26, 2004
    Location:
    South Mississippi y'all, near the water!
    #19
    yes, after 29 days 19 hours up...rats!
     
  20. macrumors 6502

    Joined:
    Jan 5, 2005
    Location:
    England
    #20
    Lol - thank you! *Giggle giggle*! You have officially made my day (thats how bad my day was...full of exams and all grrr)

    Back on topic...update seems fine, haven't noticed any changes. I'm still running Panther (OLDSKOOL!) but doesn't seem to have had a negative effect...except the "the green blob in the dock that says "Start" and the "My Computer" desktop icon"
     
  21. macrumors regular

    Joined:
    Dec 25, 2002
    Location:
    Lurking nearby.
    #21
    Ergo they are not OS X virii and OS X remains virus free.
     
  22. macrumors 68000

    Freg3000

    Joined:
    Sep 22, 2002
    Location:
    New York
    #22
    I thought exactly the same thing. :D

    For me running 10.4.1, and update was required.
     
  23. macrumors 68020

    daveL

    Joined:
    Jun 18, 2003
    Location:
    Montana
    #23
    It's not that you can't have buffer overflows on non-x86 processors, it's what you can do to exploit the buffer overflow. On x86 CPUs (except the newest ones), you can run code in the data (rather than text/code) segment. You can't do that on a PPC. So, it's much easier to do damage with a buffer overflow on x86, compared to PPC.
     
  24. macrumors P6

    wdlove

    Joined:
    Oct 20, 2002
    #24
    I will probably do the Security Update on Saturday. It's after System Optimizer X runs that I do a reboot on Sunday.
     
  25. macrumors Core

    Dagless

    Joined:
    Jan 18, 2005
    Location:
    Darkplace Hospital
    #25
    hah! you just made my life
     

Share This Page