Apple Mac OS X Apple Type Services server fails to securely create error log files

Overview The Apple Mac OS X Apple Type Services server insecurely creates error log files, which may allow a local attacker to overwrite or create files with system privileges. Description Apple Mac OS X Apple Type Services server fails to securely create error log files. A local attacker may be...

Mac OS X Multiple Vulnerabilities (Security Update 2006-007)

The remote host is running a version of Mac OS X which does not have the security update 2006-007 applied. Security Update 2006-007 contains several security fixes for the following programs : - AirPort - ATS - CFNetwork - Finder - Font Book - Font Importer - Installer - OpenSSL - PHP - PPP - Sam...

Apple Mac OS X PPP driver fails to properly validate PADI packets

Overview The Apple Mac OS X PPP driver fails to properly handle PPPoE Active Discovery Initiation PADI packets. This vulnerability may allow a remote attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X PPP driver fails to properly handle PADI packets allowing...

Apple Mac OS X 2006-007存在多个安全漏洞

Apple Mac OS X是一款基于BSD的操作系统。 Apple Mac OS X存在多个安全问题，远程和本地攻击者可以利用漏洞进行恶意代码执行，拒绝服务攻击，特权提升，覆盖文件，获得敏感信息等攻击。 具体问题如下： AirPort－CVE-ID: CVE-2006-5710： AirPort无线驱动不正确处理应答帧，可导致基于堆的溢出。 ATS－CVE-ID: CVE-2006-4396： Apple Type服务不安全建立错误日至可导致任意文件覆盖。 ATS－CVE-ID: CVE-2006-4398： Apple Type服务存在多个缓冲区溢出，可导致以高权限执行任意代码。...

SUSE-SA:2006:007: binutils,kdelibs3,kdegraphics3,koffice,dia,lyx

The remote host is missing the patch for the advisory SUSE-SA:2006:007 binutils,kdelibs3,kdegraphics3,koffice,dia,lyx. A SUSE specific patch to the GNU linker 'ld' removes redundant RPATH and RUNPATH components when linking binaries. Due to a bug in this routine ld occasionally left empty RPATH...