OFB Community Mailing Lists
The following archives are provided as a public service to the community. Opinions archived here do not necessarily represent the opinions of Open for Business or its contributors.
[CS-FSLUG] Mac OS X Multiple Vulnerabilities
Fred A. Miller fmiller at lightlink.comThu Jan 20 13:32:33 EST 2005
- Previous message: [CS-FSLUG] Fred's gonna love this
- Next message: [CS-FSLUG] [OT] Second Inaugural Address
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mac OS X Multiple Vulnerabilities CRITICAL: Less critical IMPACT: Exposure of sensitive information, Privilege escalation, DoS WHERE: Local system OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: Multiple vulnerabilities have been reported in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose sensitive information, or gain escalated privileges. 1) An integer overflow in the "searchfs()" system call when handling the sizeofsearchparams1 and sizeofsearchparams2 variables in a fssearchblock structure can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code with escalated privileges. The vulnerability has been reported in Mac OS X 10.3.4 as of 22nd June 2004 (Darwin kernel xnu-517.7.7). Other versions may also be affected. Reportedly, several older NetBSD vulnerabilities including a signedness error in the "semop()" system call still affect Mac OS X (see other references for more information). 2) An error in the "at" setuid root utility can be exploited to disclose the contents of arbitrary files by specifying them as job file to the "-f" command line option and then reading the created job. The vulnerability has been reported in Mac OS X 10.3.4 (Darwin kernel xnu-517.7.7) and has been confirmed in Mac OS X 10.3.7 (Darwin kernel xnu-517.9.5). Other versions may also be affected. 3) Signedness errors in the "parse_machfile()" function within the Mach-O loader can be exploited to crash the system via a specially crafted Mach-O header. The vulnerability has been reported in Mac OS X 10.3.7 and prior. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: 1, 2) Immunity 3) nemo, felinemenace.org. ORIGINAL ADVISORY: Immunity: http://www.immunitysec.com/downloads/nukido.pdf felinemenace.org: http://www.felinemenace.org/advisories/macosx.txt OTHER REFERENCES: Old NetBSD advisory: ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2001-015.txt.asc -- The only bug free software from MickySoft is still shrink-wrapped in their warehouse..."
- Previous message: [CS-FSLUG] Fred's gonna love this
- Next message: [CS-FSLUG] [OT] Second Inaugural Address
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Christiansource mailing list
Home  About Connect: Twitter Facebook RSS |
© 2001-2011 Universal Networks, All Rights Reserved. Some content rights
may be held by Universal Networks' providers and used under license.
Powered by ServerForest and SAFARI.
Learn about our privacy policy here.