RETIRED: Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security Vulnerabilities
BID:39020
Info
| Bugtraq ID: | 39020 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 29 2010 12:00AM |
| Updated: | Apr 08 2010 12:12AM |
| Credit: | Apple; Michael Kisor of OrganicOrb.com; Patrik Karlsson of cqure.net; Bayard Bell; Wil Shipley of Delicious Monster; David Ferrero of Zion Software, LLC; an anonymous researcher via ZDI; Damian Put via ZDI; Clint Ruoho of Laconic Security; Gerrit DeWitt of |
| Vulnerable: | Apple QuickTime Player 7.6.5, 7.6.4, 7.6.2, 7.6.1, 7.6; Apple Mac OS X Server 10.6.2, 10.6.1, 10.6, 10.5.8, 10.5.7, 10.5.6, 10.5.5, 10.5.4, 10.5.3, 10.5.2, 10.5.1, 10.5; Apple Mac OS X 10.6.2, 10.6.1, 10.6, 10.5.8, 10.5.7, 10.5.6, 10.5.5, 10.5.4, 10.5.3, 10.5.2, 10.5.1, 10.5 |
| Not Vulnerable: | Apple QuickTime Player 7.6.6; Apple Mac OS X Server 10.6.3; Apple Mac OS X 10.6.3 |
Discussion
Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update APPLE-SA-2010-03-29-1.
The update addresses new vulnerabilities that affect AppKit, Application Firewall, AFP Server, ClamAV, CoreAudio, CoreMedia, CoreTypes, DesktopServices, Disk Images, Directory Services, Dovecot, Event Monitor, FreeRADIUS, FTP Server, iChat Server, ImageIO, Image RAW, Mail, OS Services, Password Server, Podcast Producer, Preferences, PS Normalizer, QuickTime, Wiki Server, and xar.
This BID is being retired. The following individual records exist to better document the issues:
39279 Apple Mac OS X Mail Encryption Certificate Selection in Keychain Security Bypass Vulnerability
39281 Apple Mac OS X Open Directory Anonymous Access Security Bypass Vulnerability
39278 Apple Mac OS X Podcast Producer Access Validation Vulnerability
39153 Apple Mac OS X Preferences System Login Restrictions Authentication Bypass Security Vulnerability
39273 Apple Mac OS X Password Server Outdated Password Security Bypass Vulnerability
39277 Apple Mac OS X Image RAW Component NEF File Remote Buffer Overflow Vulnerability
39274 Apple Mac OS X SFLServer Local Privilege Escalation Vulnerability
39268 Apple Mac OS X Mail Rule Association Data Integrity Security Vulnerability
39264 Apple Mac OS X Firewall Blacklist Denial of Service Vulnerability
39256 Apple Mac OS X Directory Services Component Record Name Local Privilege Escalation Vulnerability
39255 Apple Mac OS X iChat Server CVE-2010-0504 Multiple Buffer Overflow Vulnerabilities
39252 Apple Mac OS X Disk Images Component Mounting 'bzip2' Image Remote Code Execution Vulnerability
39245 Apple Mac OS X iChat Server CVE-2010-0503 Remote Code Execution Vulnerability
39234 Apple Mac OS X FreeRADIUS Component EAP-TLS Authentication Bypass Vulnerability
39236 Apple Mac OS X DesktopServices Security Bypass Vulnerability
39232 Apple Mac OS X Image RAW Component PEF File Remote Buffer Overflow Vulnerability
39230 Apple Mac OS X Incorrect Copied File Ownership Security Bypass Vulnerability
39231 Apple Mac OS X FTP Server Directory Traversal Vulnerability
39161 Apple QuickTime Sorenson-Encoded Movie File Remote Code Execution Vulnerability
39159 Apple QuickTime H.264 Movie File Remote Code Execution Vulnerability
39170 Apple Mac OS X ClamAV Definition Update Security Bypass Vulnerability
39194 Apple Mac OS X Internet-enabled Disk Image Security Bypass Vulnerability
39171 Apple Mac OS X ImageIO Component JP2 File Remote Heap Buffer Overflow Vulnerability
39152 Apple QuickTime FLC Encoded '.fli' Movie File Remote Heap Buffer Overflow Vulnerability
39155 Apple QuickTime FlashPix Encoded File 'NumberOfTiles' Remote Integer Overflow Vulnerability
39160 Apple QuickTime QDM2 and QDCA Encoded Audio Content (CVE-2010-0059) Memory Corruption Vulnerability
39154 Apple QuickTime M-JPEG Data '.mov' File Remote Heap Buffer Overflow Vulnerability
39164 Apple QuickTime QDMC and QDMC2 Encoded Audio Content Memory Corruption Vulnerability
39165 Apple QuickTime RLE Encoded '.mov' File Remote Heap Buffer Overflow Vulnerability
39166 Apple QuickTime MPEG Movie File 'genl' Atom Remote Heap Buffer Overflow Vulnerability
39175 Apple Mac OS X CoreTypes Security Bypass Vulnerability
39169 Apple Mac OS X Application Firewall Rule Remote Security Bypass Vulnerability
39172 Apple Mac OS X AFP Server AFP Share Security Bypass Vulnerability
39163 Apple QuickTime H.261 Movie File Remote Heap Buffer Overflow Vulnerability
39157 Apple Mac OS X AFP Server Mount AFP Share Security Bypass Vulnerability
39167 Apple QuickTime CoreMedia H.263 Encoded '.3g2' Movie Files Heap Buffer Overflow Vulnerability
39156 Apple Mac OS X AppKit Cocoa Application Spell Checker Buffer Overflow Vulnerability
39151 Apple Mac OS X PS Normalizer PostScript File Stack Buffer Overflow Vulnerability
39258 Dovecot Service Control Access List Security Bypass Vulnerability
39290 Apple Mac OS X Server Admin Screen Sharing Security Bypass Vulnerability
39289 Apple Mac OS X Wiki Server File Upload Security Bypass Vulnerability
39291 Apple Mac OS X Wiki Server Weblog SACL Security Bypass Vulnerability
39292 xar Package Signature Validation Remote Security Bypass Vulnerability
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
NOTE: Some of these issues will not require specific exploit code and may be trivial to exploit.
Solution / Fix
Solution:
The vendor has released an advisory and updates. Please see the references for details. All updates are available from http://www.apple.com/support/downloads/
- Apple Mac OS X 10.5, 10.5.1, 10.5.2, 10.5.3, 10.5.4, 10.5.5, 10.5.6, 10.5.7, 10.5.8: Apple SecUpd2010-002Leo.dmg
- Apple Mac OS X Server 10.5, 10.5.1, 10.5.2, 10.5.3, 10.5.4, 10.5.5, 10.5.6, 10.5.7, 10.5.8: Apple SecUpdSrvr2010-002Leo.dmg
- Apple Mac OS X 10.6, 10.6.1: Apple MacOSXUpdCombo10.6.3.dmg
- Apple Mac OS X 10.6.2: Apple MacOSXUpd10.6.3.dmg
- Apple Mac OS X Server 10.6, 10.6.1: Apple MacOSXServerUpdCombo10.6.3.dmg
- Apple Mac OS X Server 10.6.2: Apple MacOSXServerUpd10.6.3.dmg
References
References:
- Mac OS X Homepage (Apple)