
UNIRAS Brief - 535/05 - Apple - Two Security Announcements



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 535/05 dated 13.07.05  Time: 11:10  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Apple - Two Security Announcements:
     1.  Darwin Streaming Server 5.5.1  [APPLE-SA-2005-07-12]
     2.  Mac OS X v10.4.2               [APPLE-SA-2005-07-12]


Detail
====== 

Security announcement summaries:

     1.  Version 5.5 of the Windows 2000/2003 Server distribution of
         Darwin Streaming Server is vulnerable to a denial of service attack
         when its web-based admin application handles certain web requests.
         Version 5.5.1 addresses the problem by adding extra checks before
         opening files.  Other distributions of this package, including
         Mac OS X and Linux, are not vulnerable to the attack.

     2.  Dashboard is distributed with Apple-supplied widgets, and users have 
         the ability to add new ones.  It is possible for a user to install a new 
         widget with the same internal identifier as an Apple-supplied widget.  If 
         this occurs, the newly-installed widget will run in the place of the system 
         widget.  It may not be clear to users that they are running a widget that 
         they installed as opposed to the Apple-supplied one. 


Security announcement content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

The open source Darwin Streaming Server project has been updated to
provide the following security enhancement:

Darwin Streaming Server 5.5.1
Available for:  Microsoft Windows 2000/2003 Server
CVE-ID:  CAN-2005-2195
Impact:  Remote attackers can hang the Web Admin application in
Darwin Streaming Server for Windows 2000/2003 Server
Description:  Darwin Streaming Server is distributed with a web-based
admin application that allows it to be configured through a web
browser.  Version 5.5 of the Windows 2000/2003 Server distribution of
this package is vulnerable to a denial of service attack when
handling certain web requests.  Version 5.5.1 addresses the problem
by adding extra checks before opening files.   Other distributions of
this package, including Mac OS X and Linux, are not vulnerable to the
attack.  Credit to Sowhat of ITS Security Team for reporting this
issue.

Information on Darwin Streaming Server is available at:
http://developer.apple.com/darwin/projects/streaming/

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-12 Mac OS X v10.4.2

Mac OS X v10.4.2 is now available and delivers the following security
enhancements:

Dashboard
CVE-ID: CAN-2005-1333
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Users may install widgets that override Apple supplied
widgets
Description: Dashboard is distributed with Apple-supplied widgets,
and users have the ability to add new ones.  It is possible for a
user to install a new widget with the same internal identifier as an
Apple-supplied widget.  If this occurs, the newly-installed widget
will run in the place of the system widget.  It may not be clear to
users that they are running a widget that they installed as opposed
to the Apple-supplied one.  This update addresses the problem by
alerting users if they try to install widgets that would cause this
sort of conflict.  This issue does not affect previous releases of
Mac OS X.
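The conflict described in the summary and in the Dashboard item above can be checked for from the defender's side by comparing bundle identifiers across the system and user widget directories. This is an added example, not Apple's code or the update's own check; the widget bundle layout (`<name>.wdgt/Info.plist` with a `CFBundleIdentifier` key) and the two search directories are assumptions, and the sample bundles are constructed in a temporary directory.

```python
"""Report user-installed Dashboard widgets whose CFBundleIdentifier matches an
Apple-supplied widget, the conflict described for CAN-2005-1333.  Added example;
the bundle layout (<name>.wdgt/Info.plist) and directories are assumptions."""
import os
import plistlib
import tempfile

SYSTEM_WIDGETS = "/Library/Widgets"                      # assumed Apple-supplied location
USER_WIDGETS = os.path.expanduser("~/Library/Widgets")   # assumed user-installed location

def widget_identifiers(directory):
    """Map CFBundleIdentifier -> bundle path for every *.wdgt in directory."""
    ids = {}
    if not os.path.isdir(directory):
        return ids
    for name in sorted(os.listdir(directory)):
        info = os.path.join(directory, name, "Info.plist")
        if not name.endswith(".wdgt") or not os.path.isfile(info):
            continue
        with open(info, "rb") as fh:
            ident = plistlib.load(fh).get("CFBundleIdentifier")
        if ident:
            ids[ident] = os.path.join(directory, name)
    return ids

def find_shadowing_widgets(system_dir=SYSTEM_WIDGETS, user_dir=USER_WIDGETS):
    """Return (identifier, user_path, system_path) for each user widget that
    would run in place of a system widget carrying the same identifier."""
    system_ids = widget_identifiers(system_dir)
    return [(ident, path, system_ids[ident])
            for ident, path in widget_identifiers(user_dir).items()
            if ident in system_ids]

def _make_widget(root, name, ident):
    """Constructed fixture: a minimal widget bundle holding only an Info.plist."""
    bundle = os.path.join(root, name)
    os.makedirs(bundle)
    with open(os.path.join(bundle, "Info.plist"), "wb") as fh:
        plistlib.dump({"CFBundleIdentifier": ident, "CFBundleName": name}, fh)

def demo():
    """Constructed layout: one colliding and one harmless user widget."""
    root = tempfile.mkdtemp()
    sys_dir, usr_dir = os.path.join(root, "system"), os.path.join(root, "user")
    _make_widget(sys_dir, "Calculator.wdgt", "com.example.widget.calculator")
    _make_widget(usr_dir, "MyCalc.wdgt", "com.example.widget.calculator")  # collides
    _make_widget(usr_dir, "Weather.wdgt", "com.example.widget.weather")    # harmless
    return find_shadowing_widgets(sys_dir, usr_dir)
```

On a real machine, `find_shadowing_widgets()` with no arguments scans the assumed system and user directories directly.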

TCP/IP
CVE-ID: CAN-2005-2194
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: A specifically crafted TCP/IP packet can cause a denial of
service
Description: A specifically crafted TCP/IP packet can cause the
kernel to panic due to a null pointer dereference and require a
reboot.  Multiple conditions are required to trigger this problem.
The common practice of filtering source-routed and loose
source-routed packets on network infrastructure, ingress routers and
firewalls can prevent systems from being affected.  This issue does
not affect previous releases of Mac OS X.  Credit to Julian Y. Koh
and colleagues of Northwestern University for reporting this issue.
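The mitigation Apple names for the TCP/IP item is filtering source-routed packets at the network edge. As an added illustration of what such a filter has to recognise (not Apple's code, and not a reproduction of the kernel bug), the following parses the IPv4 option list and flags the loose (LSRR) and strict (SSRR) source-route options; the sample headers are constructed, with zero checksums and documentation addresses.

```python
"""Flag IPv4 headers carrying loose (LSRR) or strict (SSRR) source-route options,
the traffic the advisory says to filter for CAN-2005-2194.  Constructed samples."""
import struct

IPOPT_EOL, IPOPT_NOP = 0, 1
IPOPT_LSRR, IPOPT_SSRR = 131, 137   # 0x83 / 0x89 per RFC 791

def ipv4_options(packet):
    """Yield (type, data) for each option in an IPv4 header; ValueError if malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(packet):
        raise ValueError("bad IHL")
    pos = 20
    while pos < ihl:
        kind = packet[pos]
        if kind == IPOPT_EOL:
            return
        if kind == IPOPT_NOP:          # single-byte option, no length field
            pos += 1
            continue
        if pos + 1 >= ihl:
            raise ValueError("option missing length byte")
        length = packet[pos + 1]
        if length < 2 or pos + length > ihl:
            raise ValueError("option length overruns header")
        yield kind, packet[pos + 2:pos + length]
        pos += length

def is_source_routed(packet):
    """True for LSRR/SSRR; malformed headers also return True so a filter fails closed."""
    try:
        return any(k in (IPOPT_LSRR, IPOPT_SSRR) for k, _ in ipv4_options(packet))
    except ValueError:
        return True

def build_header(options=b""):
    """Constructed IPv4 header (no payload, zero checksum) carrying the given options."""
    options += b"\x00" * (-len(options) % 4)          # pad option list to 32-bit words
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, 20 + len(options), 0, 0,
                        64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return fixed + options

# LSRR: type 0x83, length 11, pointer 4, then two hop addresses (constructed values)
LSRR_PACKET = build_header(bytes([IPOPT_LSRR, 11, 4, 192, 0, 2, 10, 192, 0, 2, 20]))
PLAIN_PACKET = build_header()
```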

Mac OS X v10.4.2 may be obtained from the Software Update pane in
System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.4.1
The download file is named:  "MacOSXUpdate10.4.2.dmg"
Its SHA-1 digest is:  5a11375c29f1f656061189b9467cf9291153de46

For Mac OS X v10.4
The download file is named:  "MacOSXUpdateCombo10.4.2.dmg"
Its SHA-1 digest is:  5149def0b79f030bdb2763283c376e4d87d085e9

For Mac OS X Server v10.4.1
The download file is named:  "MacOSXServerUpdate10.4.2.dmg"
Its SHA-1 digest is:  c8fc07538b1ed558fc1daf221803c47ab6b1b56a

For Mac OS X Server v10.4
The download file is named:  "MacOSXSrvrUpdCombo10.4.2.dmg"
Its SHA-1 digest is:  4eaf9dedb18e21ac6282d5af8419a5ca7a562e5e

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

- -----END PGP SIGNATURE-----


- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Apple for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark, manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

-----END PGP SIGNATURE-----
