8 matches found
US-CERT Technical Cyber Security Alert TA05-136A -- Apple Mac OS X is affected by multiple vulnerabilities
Technical Cyber Security Alert TA05-136A Apple Mac OS X is affected by multiple vulnerabilities Original release date: May 16, 2005 Last revised: -- Source: US-CERT Systems Affected Mac OS X version 10.3.9 Panther and Mac OS X Server version 10.3.9...
Apple Mac OS X vulnerable to buffer overflow via vpnd daemon
Overview Apple Mac OS X contains a buffer overflow in vpnd that could allow a local, authenticated attacker to execute arbitrary code with root privileges. Description Mac OS X includes a VPN server called vpnd, which is installed setuid root by default. vpnd fails to validate the length of the...
Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs
Overview Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Description The OS X Directory Services have three utilities, chpass, chfn, and chsh, to update information in the user database, such as user name,...
Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable
Overview A buffer overflow in Mac OS X Foundation Framework's processing of environment variables may lead to elevated privileges. Description A vulnerability is present in the Mac OS X Foundation Framework shipped in version 10.3.9 of Mac OS X and Mac OS X Server. There is a flaw in the handling of...
Apple Cocoa applications vulnerable to denial of service via malformed TIFF image
Overview Apple Mac OS X applications using the Cocoa environment may quit due to an unhandled exception in TIFF image handling routines. Description Mac OS X applications may take advantage of the Cocoa programming environment, which is described by Apple as "an object-oriented application...
Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service
Overview The Apple Mac OS X Server HTTP proxy service does not restrict access by default and may allow unintended remote users to use the service. Description Mac OS X Server includes a service to provide for HTTP proxying. The HTTP proxy service does not include any access restrictions in the...
[Full-disclosure] Local root vuln in VPN daemon on MacOS X
Local root vulnerability in vpnd on MacOS X = 10.3.9 ----------------------------------------------------- Overview -------- There exists a local root exploitable stack based buffer overflow in the VPN daemon shipping with MacOS X. This bug can be easily exploited to gain root access. This...
Mac OS X Multiple Vulnerabilities (Security Update 2005-005)
The remote host is missing Security Update 2005-005. This security update contains fixes for the following applications : - Apache - AppKit - AppleScript - Bluetooth - Directory Services - Finder - Foundation - HelpViewer - LDAP - libXpm - lukemftpd - NetInfo - ServerAdmin - sudo - Terminal - VPN...