c.m.g
29-05-2008, 13:33
29 maggio 2008
La società di sicurezza Secunia (http://secunia.com) riporta un Advisory (SA30430 (http://secunia.com/advisories/30430/)) il cui si spiega che sono state trovate multiple vulnerabilità in Mac OS X, giudicate dalla stessa come Highly critical, che esporrebbero il computer di un utente ignaro ad attacchi di tipo Security Bypass, Cross Site Scripting, Esposizione di dati di sistema, Esposizione di dati sensibili, Privilege escalation, DoS (Denial of Service), Accesso al sistema non autorizzato da remoto; per maggiori info, dare uno sguardo a questa pagina (http://secunia.com/advisories/30430).
OS:
Apple Macintosh OS X
Soluzione:
Aggiornare il sistema operatico a Mac OS X 10.5.3 oppure applicare gli aggiornamenti di sicurezza 2008-003.
Security Update 2008-003 (PPC):
http://www.apple.com/support/downloads/securityupdate2008003ppc.html
Security Update 2008-003 Server (PPC):
http://www.apple.com/support/downloads/securityupdate2008003serverppc.html
Security Update 2008-003 Server (Universal):
http://www.apple.com/support/downloads/securityupdate2008003serveruniversal.html
Security Update 2008-003 (Intel):
http://www.apple.com/support/downloads/securityupdate2008003intel.html
Mac OS X 10.5.3 Combo Update:
http://www.apple.com/support/downloads/macosx1053comboupdate.html
Mac OS X 10.5.3 Update:
http://www.apple.com/support/downloads/macosx1053update.html
Mac OS X Server 10.5.3 Combo Update:
http://www.apple.com/support/downloads/macosxserver1053comboupdate.html
Mac OS X Server 10.5.3 Update:
http://www.apple.com/support/downloads/macosxserver1053update.html
Falle scoperte da:
1) Alex deVries and Robert Rich
3) Rosyna of Unsanity
5) Melissa O'Neill, Harvey Mudd College
9) Brian Mastenbrook
12) Paul Haddad, PTH Consulting
16) Gynvael Coldwind, Hispasec
19) Derek Morr, Pennsylvania State University
21) Geoff Franks, Hauptman Woodward Institute
22) Don Rainwater, University of Cincinnati
Changelog:
2008-05-29: Added links to Mac OS X 10.5.3 in "Solution" section.
Advisory d'origine:
http://support.apple.com/kb/HT1897
Altre referenze:
SA18008:
http://secunia.com/advisories/18008/
SA18307:
http://secunia.com/advisories/18307/
SA26273:
http://secunia.com/advisories/26273/
SA26636:
http://secunia.com/advisories/26636/
SA27093:
http://secunia.com/advisories/27093/
SA27130:
http://secunia.com/advisories/27130/
SA28081:
http://secunia.com/advisories/28081/
SA28083:
http://secunia.com/advisories/28083/
SA28323:
http://secunia.com/advisories/28323/
Fonte: Secunia (http://secunia.com/advisories/30430/)
La società di sicurezza Secunia (http://secunia.com) riporta un Advisory (SA30430 (http://secunia.com/advisories/30430/)) il cui si spiega che sono state trovate multiple vulnerabilità in Mac OS X, giudicate dalla stessa come Highly critical, che esporrebbero il computer di un utente ignaro ad attacchi di tipo Security Bypass, Cross Site Scripting, Esposizione di dati di sistema, Esposizione di dati sensibili, Privilege escalation, DoS (Denial of Service), Accesso al sistema non autorizzato da remoto; per maggiori info, dare uno sguardo a questa pagina (http://secunia.com/advisories/30430).
OS:
Apple Macintosh OS X
Soluzione:
Aggiornare il sistema operatico a Mac OS X 10.5.3 oppure applicare gli aggiornamenti di sicurezza 2008-003.
Security Update 2008-003 (PPC):
http://www.apple.com/support/downloads/securityupdate2008003ppc.html
Security Update 2008-003 Server (PPC):
http://www.apple.com/support/downloads/securityupdate2008003serverppc.html
Security Update 2008-003 Server (Universal):
http://www.apple.com/support/downloads/securityupdate2008003serveruniversal.html
Security Update 2008-003 (Intel):
http://www.apple.com/support/downloads/securityupdate2008003intel.html
Mac OS X 10.5.3 Combo Update:
http://www.apple.com/support/downloads/macosx1053comboupdate.html
Mac OS X 10.5.3 Update:
http://www.apple.com/support/downloads/macosx1053update.html
Mac OS X Server 10.5.3 Combo Update:
http://www.apple.com/support/downloads/macosxserver1053comboupdate.html
Mac OS X Server 10.5.3 Update:
http://www.apple.com/support/downloads/macosxserver1053update.html
Falle scoperte da:
1) Alex deVries and Robert Rich
3) Rosyna of Unsanity
5) Melissa O'Neill, Harvey Mudd College
9) Brian Mastenbrook
12) Paul Haddad, PTH Consulting
16) Gynvael Coldwind, Hispasec
19) Derek Morr, Pennsylvania State University
21) Geoff Franks, Hauptman Woodward Institute
22) Don Rainwater, University of Cincinnati
Changelog:
2008-05-29: Added links to Mac OS X 10.5.3 in "Solution" section.
Advisory d'origine:
http://support.apple.com/kb/HT1897
Altre referenze:
SA18008:
http://secunia.com/advisories/18008/
SA18307:
http://secunia.com/advisories/18307/
SA26273:
http://secunia.com/advisories/26273/
SA26636:
http://secunia.com/advisories/26636/
SA27093:
http://secunia.com/advisories/27093/
SA27130:
http://secunia.com/advisories/27130/
SA28081:
http://secunia.com/advisories/28081/
SA28083:
http://secunia.com/advisories/28083/
SA28323:
http://secunia.com/advisories/28323/
Fonte: Secunia (http://secunia.com/advisories/30430/)