Date: 10 August 2006
References: ESB-2006.0535
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
AusCERT Update AU-2006.0028 - [OSX]
Security Update 2006-004 for Mac Pro
10 August 2006
AusCERT Update Summary
----------------------
Product:            Apple Mac Pro
                    Apple Xserve
Publisher:          Apple
Operating System:   Mac OS X v.10.4.7 Build 8K1079
                    Mac OS X Server v.10.4.7 Build 8K1079
Impact:             Execute Arbitrary Code/Commands
                    Denial of Service
                    Read-only Data Access
Access:             Remote/Unauthenticated
CVE Names:          CVE-2006-3465 CVE-2006-3462 CVE-2006-3461
                    CVE-2006-3460 CVE-2006-3459 CVE-2006-0393
Ref:                ESB-2006.0535
Original Bulletin:  http://docs.info.apple.com/article.html?artnum=304146
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2006-08-09 Security Update 2006-004 for Mac Pro
"Security Update 2006-004 for Mac Pro" is now available.
Security Update 2006-004 was released on August 1, and details are
available via:
http://docs.info.apple.com/article.html?artnum=304063
The new Mac Pro product ships with Mac OS X v10.4.7 Build 8K1079.
Also, the existing Xserve hardware is now shipping with Mac OS X
Server v10.4.7 Build 8K1079.
The fixes provided in Security Update 2006-004 (August 1 release) are
contained in Build 8K1079, with the exception of the ones listed
below for ImageIO and OpenSSH. The fixes for these issues were not
fully tested in time for the manufacturing of the Mac Pro, and are
being provided via this security update.
This update is a proper subset of the full Security Update 2006-004
released on August 1. Existing systems that have already applied
Security Update 2006-004 (Aug 1 release) do not need to install this
update.
The following security fixes are provided only for systems running
Mac OS X v10.4.7 Build 8K1079 or Mac OS X Server v10.4.7 Build 8K1079
to reach the full security level provided with Security Update
2006-004 (August 1 release).
ImageIO
CVE-ID: CVE-2006-3459, CVE-2006-3461, CVE-2006-3462, CVE-2006-3465
Available for: Mac OS X v10.4.7 Build 8K1079, Mac OS X Server
v10.4.7 Build 8K1079
Impact: Viewing a maliciously-crafted TIFF image may lead to an
application crash or arbitrary code execution
Description: Buffer overflows were discovered in TIFF tag handling
(CVE-2006-3459, CVE-2006-3465), the TIFF PixarLog decoder
(CVE-2006-3461), and the TIFF NeXT RLE decoder (CVE-2006-3462). By
carefully crafting a corrupt TIFF image, an attacker can trigger a
buffer overflow which may lead to an application crash or arbitrary
code execution. This update addresses the issue by performing
additional validation of TIFF images. Systems prior to Mac OS X v10.4
are affected only by the TIFF NeXT RLE decoder issue (CVE-2006-3462).
Credit to Tavis Ormandy, Google Security Team for reporting this
issue. Note: A fifth issue discovered by Tavis Ormandy,
CVE-2006-3460, does not affect Mac OS X.
OpenSSH
CVE-ID: CVE-2006-0393
Available for: Mac OS X v10.4.7 Build 8K1079, Mac OS X Server
v10.4.7 Build 8K1079
Impact: When remote login is enabled, remote attackers may cause a
denial of service or determine whether an account exists
Description: Attempting to log in to an OpenSSH server ("Remote
Login") using a nonexistent account causes the authentication process
to hang. An attacker can exploit this behavior to detect the
existence of a particular account. A large number of such attempts
may lead to a denial of service. This update addresses the issue by
properly handling attempted logins by nonexistent users. This issue
does not affect systems prior to Mac OS X v10.4. Credit to Rob
Middleton of the Centenary Institute (Sydney, Australia) for
reporting this issue.
"Security Update 2006-004 for Mac Pro" may be obtained from the
Software Update pane in System Preferences, or Apple's Software
Downloads web site:
http://www.apple.com/support/downloads/
For both Mac OS X v10.4.7 Build 8K1079 and
Mac OS X Server v10.4.7 Build 8K1079:
The download file is named: "SecUpd2006-004.dmg"
Its SHA-1 digest is: e11014106e79277057c5c54b555ed163703ea8c0
Information will also be posted to the Apple Security Updates
web site:
http://docs.info.apple.com/article.html?artnum=61798
This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)
iQEVAwUBRNo3ZImzP5/bU5rtAQgHtgf+IIuysGUv5SQSLXuZm7P5AFbm0ZWRYHzU
sDxRgexjeoBmqOa2Ex7CrvrC6Xjr/N8qdceTYCQbmxELDi0+tHv5rGhAhfVslJAt
QZuONI5bQHgb7LEEN2lmuWnk9fNtn96x9jmCpBQBiz2+ez8U5ws3L9AREddiQnEy
Xnd8IV66BbqGpv+O2wkrpkFTdp/7sb8dS+zO9YERUT9FxIKe9V/Y6SocevmFlgGM
/BNHPPLTTSdoQpmrRncdY11oSXL2ut7rS956IQYWKfI7WMD8dC51UMYFjVatJ4+C
SjnngUB8lMn4/6Zjj9Jt6t3QWs5Y9DYISDVVfGkigNb6kIqk073Iiw==
=nMCx
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
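The ImageIO entry above says the update "performs additional validation of TIFF images" to stop buffer overflows in tag handling and in two decoders. The following is an added illustration of what such validation looks like; it is not Apple's code and is not part of either bulletin. It walks every image file directory (IFD) of a TIFF and refuses any entry whose declared payload, count times field-type size, does not fit inside the file. In Python the product is exact; in a native reader the same multiplication done in 32-bit arithmetic can wrap to a small number, so a huge count passes a naive bounds check and the decoder reads or writes past its buffer, which is one way tag-handling overflows of this class arise. The build_tiff helper, the two sample images and the 4096-entry cap are constructed for this example.

```python
import struct

# Byte size of each TIFF 6.0 field type (1 = BYTE ... 12 = DOUBLE).
TYPE_SIZES = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 6: 1, 7: 1, 8: 2, 9: 4, 10: 8, 11: 4, 12: 8}
ENTRY_LEN = 12  # IFD entry: tag(2) type(2) count(4) value-or-offset(4)


class TiffError(ValueError):
    """Any structurally unsafe TIFF: stop here rather than guess at the data."""


def parse_tiff_tags(data, max_entries=4096):
    """Return [(tag, type, count, raw_value_bytes)] for every IFD entry, refusing
    entries whose declared payload lies outside the file. max_entries is an
    arbitrary sanity cap chosen for this example."""
    n = len(data)
    if n < 8:
        raise TiffError("too short for a TIFF header")
    order = {b"II": "<", b"MM": ">"}.get(data[:2])
    if order is None:
        raise TiffError("bad byte-order mark")
    magic, ifd_off = struct.unpack(order + "HI", data[2:8])
    if magic != 42:
        raise TiffError("bad magic number")
    tags, seen = [], set()
    while ifd_off:
        if ifd_off in seen:
            raise TiffError("IFD chain loops")
        seen.add(ifd_off)
        if ifd_off + 2 > n:
            raise TiffError("IFD offset beyond end of file")
        (num_entries,) = struct.unpack(order + "H", data[ifd_off:ifd_off + 2])
        if num_entries > max_entries:
            raise TiffError("unreasonable number of IFD entries")
        ifd_end = ifd_off + 2 + ENTRY_LEN * num_entries + 4
        if ifd_end > n:
            raise TiffError("IFD truncated")
        for i in range(num_entries):
            pos = ifd_off + 2 + ENTRY_LEN * i
            tag, typ, count = struct.unpack(order + "HHI", data[pos:pos + 8])
            if typ not in TYPE_SIZES:
                raise TiffError(f"tag {tag}: unknown field type {typ}")
            # Exact in Python. In a C decoder the same product in a 32-bit size
            # can wrap, so a count of 0x40000000 LONGs looks like 0 bytes and the
            # later copy overruns whatever buffer was sized from it.
            nbytes = count * TYPE_SIZES[typ]
            if nbytes <= 4:
                value = data[pos + 8:pos + 8 + nbytes]  # stored inline in the entry
            else:
                (off,) = struct.unpack(order + "I", data[pos + 8:pos + 12])
                if off + nbytes > n:
                    raise TiffError(f"tag {tag}: {nbytes} bytes at offset {off} "
                                    f"exceed file size {n}")
                value = data[off:off + nbytes]
            tags.append((tag, typ, count, value))
        (ifd_off,) = struct.unpack(order + "I", data[ifd_end - 4:ifd_end])
    return tags


def is_well_formed(data):
    """True when every IFD entry's payload fits inside the file."""
    try:
        parse_tiff_tags(data)
        return True
    except TiffError:
        return False


def build_tiff(entries, order="<"):
    """Constructed test input: a single-IFD TIFF from (tag, type, count, value_bytes)
    entries. Values of 4 bytes or fewer go inline; longer ones are appended after the IFD."""
    ifd_off = 8
    body, blob = bytearray(), bytearray()
    data_off = ifd_off + 2 + ENTRY_LEN * len(entries) + 4
    for tag, typ, count, val in entries:
        if len(val) <= 4:
            field = val.ljust(4, b"\0")
        else:
            field = struct.pack(order + "I", data_off + len(blob))
            blob += val
        body += struct.pack(order + "HHI", tag, typ, count) + field
    bom = b"II" if order == "<" else b"MM"
    return (bom + struct.pack(order + "HI", 42, ifd_off)
            + struct.pack(order + "H", len(entries)) + bytes(body)
            + struct.pack(order + "I", 0) + bytes(blob))


# Constructed samples: a benign 4x4 header with an ASCII description, and one whose
# StripOffsets (273) entry claims 0x40000000 LONGs (4 GiB) while pointing at offset 8.
GOOD = build_tiff([(256, 3, 1, struct.pack("<H", 4)),
                   (257, 3, 1, struct.pack("<H", 4)),
                   (270, 2, 12, b"constructed\0")])
BAD = build_tiff([(256, 3, 1, struct.pack("<H", 4)),
                  (273, 4, 0x40000000, struct.pack("<I", 8))])

if __name__ == "__main__":
    print("GOOD well-formed:", is_well_formed(GOOD))
    print("BAD well-formed:", is_well_formed(BAD))
```

The check is deliberately done before any value is read, and with the unwrapped product; a reader that allocates from a wrapped size and only later compares offsets has already lost. The PixarLog and NeXT RLE decoder issues the advisory lists are separate decompression paths and are not modelled here.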
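The OpenSSH entry above describes a server that hangs when a nonexistent account is tried, which lets a remote party tell real accounts from fake ones and, in volume, exhausts the service. The fix is the update itself, but the probing pattern is worth spotting in logs regardless of version. The following is an added example, not from Apple or AusCERT, that parses the standard OpenSSH "Invalid user NAME from IP" message (newer releases append a port) and flags a source that cycles through many nonexistent usernames in a short window. The log lines, the host name, the addresses, the year 2006 used to complete syslog timestamps, and the 5-minute/5-user thresholds are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# OpenSSH logs this when the username does not exist (some releases add " port N");
# the prefix is the usual syslog timestamp, host and pid.
INVALID_USER = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Invalid user (?P<user>\S*) from (?P<ip>[0-9A-Fa-f.:]+)"
)

# Constructed sample lines (not a real log): one source tries six usernames in
# fourteen seconds, another makes one attempt; the 'Failed password' line is a
# real account and must not count.
SAMPLE_LOG = """\
Aug 10 03:14:01 xserve sshd[4102]: Invalid user oracle from 203.0.113.7
Aug 10 03:14:03 xserve sshd[4105]: Invalid user test from 203.0.113.7
Aug 10 03:14:05 xserve sshd[4108]: Failed password for alice from 198.51.100.2 port 50211 ssh2
Aug 10 03:14:06 xserve sshd[4110]: Invalid user admin from 203.0.113.7
Aug 10 03:14:09 xserve sshd[4113]: Invalid user guest from 203.0.113.7
Aug 10 03:14:12 xserve sshd[4116]: Invalid user backup from 203.0.113.7
Aug 10 03:14:15 xserve sshd[4119]: Invalid user www from 203.0.113.7
Aug 10 03:20:40 xserve sshd[4201]: Invalid user bob from 198.51.100.2
"""


def parse_invalid_user_events(lines, year=2006):
    """Return (timestamp, source_ip, username) for every 'Invalid user' line.
    syslog timestamps carry no year, so the caller supplies one (2006 assumed here)."""
    events = []
    for line in lines:
        m = INVALID_USER.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["ip"], m["user"]))
    return events


def detect_enumeration(events, window=timedelta(minutes=5), min_distinct=5):
    """Flag each source that tries at least min_distinct different nonexistent
    usernames inside one sliding window; report its busiest window."""
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))
    alerts = []
    for ip, evs in by_ip.items():
        best, start = None, 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1
            users = {u for _, u in evs[start:end + 1]}
            if len(users) >= min_distinct and (best is None or len(users) > best["distinct_users"]):
                best = {"ip": ip, "distinct_users": len(users),
                        "first": evs[start][0], "last": evs[end][0]}
        if best:
            alerts.append(best)
    return alerts


if __name__ == "__main__":
    for a in detect_enumeration(parse_invalid_user_events(SAMPLE_LOG.splitlines())):
        print(f"{a['ip']}: {a['distinct_users']} distinct nonexistent users between "
              f"{a['first']:%H:%M:%S} and {a['last']:%H:%M:%S}")
```

Two caveats. On an unpatched build the advisory says the authentication process hangs, so a probe may never reach the point where sshd logs a failure; a sudden pile of sshd processes stuck in authentication, rather than log lines, may be the first symptom there. And counting distinct usernames rather than raw attempts is what separates enumeration from a single user mistyping a name; lower the threshold for hosts where no one should be guessing at all.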
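The advisory gives a file name and SHA-1 digest for the download so that an installer fetched from a mirror or cache can be checked before it is run. The following is an added example of that check, not code from Apple or AusCERT: it streams the file so a large .dmg need not fit in memory, normalises the two hex strings, and compares them in constant time. The digest constant is the one printed above; the default file name is the one the advisory states.

```python
import hashlib
import hmac

# Digest published in the advisory above for SecUpd2006-004.dmg.
ADVISORY_SHA1 = "e11014106e79277057c5c54b555ed163703ea8c0"


def sha1_hex(data):
    """SHA-1 of an in-memory byte string as lowercase hex."""
    return hashlib.sha1(data).hexdigest()


def digest_matches(actual_hex, expected_hex):
    """Compare two hex digests in constant time after stripping whitespace and case,
    rejecting anything that is not a full 40-hex-digit SHA-1."""
    a = "".join(actual_hex.split()).lower()
    e = "".join(expected_hex.split()).lower()
    return len(e) == 40 and len(a) == 40 and hmac.compare_digest(a, e)


def verify_file_sha1(path, expected_hex=ADVISORY_SHA1, chunk=1 << 20):
    """Hash the file in 1 MiB chunks and compare with the published digest."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return digest_matches(h.hexdigest(), expected_hex)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "SecUpd2006-004.dmg"
    ok = verify_file_sha1(target)
    print("digest matches" if ok else "DIGEST MISMATCH: do not install")
    sys.exit(0 if ok else 1)
```

The comparison is only as trustworthy as the advisory that carries the digest, which is why the message is PGP-signed with Apple's Product Security key and why AusCERT's note recommends re-fetching the bulletin from the author's site when reading it later.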
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRNqqjCh9+71yA2DNAQKlcwP8Dm3i3e36vH7STJg+NoSTkAVQG0MaS/PA
g4m1AC54+MOar7K6KqKpXIOnv7qicZ1Y5MpIDifsrlGm02YDv/A3IvNzZm9ZceRG
4dMZqQ3VEzJ7MrukGMjwKXw1PlS9CGdmEj4Ub830aEo9HPJTNKtpQ20SowYn0nJH
iYeYsG+wcSw=
=FaFg
-----END PGP SIGNATURE-----