Apple Mac OS X CVE-2012-0656 Race Condition Security Bypass Vulnerability

Bugtraq ID:	53459
Class:	Design Error
CVE:	CVE-2012-0656
Remote:	No
Local:	Yes
Published:	May 09 2012 12:00AM
Updated:	May 09 2012 12:00AM
Credit:	Francisco Gomez (espectalll123)
Vulnerable:	Apple Mac OS X Server 10.7.3 Apple Mac OS X Server 10.7.2 Apple Mac OS X Server 10.7.1 Apple Mac OS X Server 10.7 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X 10.7
Not Vulnerable:	Apple Mac OS X Server 10.7.4 Apple Mac OS X 10.7.4

Apple Mac OS X CVE-2012-0656 Race Condition Security Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.


Apple Mac OS X 10.7.1

• Apple MacOSXUpdCombo10.7.4.dmg
  For OS X Lion v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X Server 10.7.3

• Apple MacOSXServerUpd10.7.4.dmg
  For OS X Lion Server v10.7.3
  http://www.apple.com/support/downloads/

Apple Mac OS X 10.7.2

• Apple MacOSXUpdCombo10.7.4.dmg
  For OS X Lion v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X Server 10.7

• Apple MacOSXServerUpdCombo10.7.4.dmg
  For OS X Lion Server v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X Server 10.7.1

• Apple MacOSXServerUpdCombo10.7.4.dmg
  For OS X Lion Server v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X 10.7.3

• Apple MacOSXUpd10.7.4.dmg
  For OS X Lion v10.7.3
  http://www.apple.com/support/downloads/

Apple Mac OS X Server 10.7.2

• Apple MacOSXServerUpdCombo10.7.4.dmg
  For OS X Lion Server v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X 10.7

• Apple MacOSXUpdCombo10.7.4.dmg
  For OS X Lion v10.7 and v10.7.2
  http://www.apple.com/support/downloads/

Apple Mac OS X CVE-2012-0656 Race Condition Security Bypass Vulnerability

References:

• Cisco TelePresence Video Communication Server (VCS) Homepage (Cisco)