Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Apple updates to 10.4.8 and Security Update 2006-006 SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple updates to 10.4.8 and Security Update 2006-006
Looks like it's time to click on the Apple in the top left of your screen, then followed by "Software Update..."  (or however you choose to update)

Lots of Updates today for Apple:

The entire iLife Suite gets an update.

Plus OSX goes from 10.4.7 to 10.4.8 and Security Update 2006-006 is bundled in too.  Lets take a look at whats in the update:

The 10.4.8 Update is recommended for all users and includes general operating system fixes, as well as specific fixes for the following applications and technologies:

- connecting to wireless networks using the EAP-FAST protocol
- Apple USB modem reliability
- using OpenType fonts in Microsoft Word
- compatibility with 3rd party USB hubs
- scanner performance
- RAW camera support
- printing documents with Asian language names
- performance of the Translation widget
- broadband network performance

Security Update 2006-006 says:

CFNetwork
CVE-ID: CVE-2006-4390
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: CFNetwork clients such as Safari may allow unauthenticated SSL sites to appear as authenticated

Flash Player
CVE-ID: CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, CVE-2006-4640
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Playing Flash content may lead to arbitrary code execution

ImageIO
CVE-ID: CVE-2006-4391
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Viewing a maliciously-crafted JPEG2000 image may lead to an application crash or arbitrary code execution

Kernel
CVE-ID: CVE-2006-4392
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Local users may be able to run arbitrary code with raised privileges

LoginWindow
CVE-ID: CVE-2006-4397
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: After an unsuccessful attempt to log in to a network account, Kerberos tickets may be accessible to other local users

CVE-ID: CVE-2006-4393
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Kerberos tickets may be accessible to other local users if Fast User Switching is enabled

CVE-ID: CVE-2006-4394
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Network accounts may be able to bypass loginwindow service access controls

Preferences
CVE-ID: CVE-2006-4387
Available for: Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: After removing an account's Admin privileges, the account may still manage WebObjects applications

QuickDraw Manager
CVE-ID: CVE-2006-4395
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Opening a malicious PICT image with certain applications may lead to an application crash or arbitrary code execution

SASL
CVE-ID: CVE-2006-1721
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Remote attackers may be able to cause an IMAP server denial of service

WebCore
CVE-ID: CVE-2006-3946
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Viewing a maliciously-crafted web page may lead to arbitrary code execution

Workgroup Manager
CVE-ID: CVE-2006-4399
Available for: Mac OS X Server v10.4 through Mac OS X Server v10.4.7
Impact: Accounts in a NetInfo parent that appear to use ShadowHash passwords may still use crypt

Updates we are still waiting on from Apple:
php
SSL/SSH (those just came out, but still)


Read all about the update here.
 Joel

454 Posts
Sep 29th 2006
Thread locked Subscribe Sep 29th 2006
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!