
Apple propose une nouvelle
mise à jour de sécuritéqui s'appelle :
Security Update 2004-09-30 numérotée
1.0.
Cette mise à jour de la mise à jour est disponible via le module de mise à jour des logiciels (1,5Mo), ou directement sur le site d'
Apple.
Alors qu'apporte donc cette nouvelle mise à jour de sécurité ?
La mise à jour Security Update 2004-09-07 apporte un certain nombre d’améliorations en termes de sécurité ; elle est recommandée à tous les utilisateurs de Macintosh.
Cette
mise à jour inclut les éléments
suivants :
AFP Server
CUPS
NetInfoManager
postfix
QuickTime
Pour obtenir des informations détaillées sur cette mise à jour, consultez le site Web suivant :
http://www.info.apple.com/kbnum/n61798 Vous
pouvez télécharger directement ce patch
ici :
Pour
les corrections apportées, tout est dans le texte ci-après et en
anglais :
Security Update 2004-09-30 (released
2004-10-04)
▪ AFP Server
Available for: Mac OS X v10.3.5 and Mac OS
X Server v10.3.5
CVE-ID: CAN-2004-0921
Impact: A denial of service
permitting a guest to disconnect AFP volumes
Description: An AFP volume
mounted by a guest could be used to terminate authenticated user mounts from the
same server by modifying SessionDestroy packets. This issue does not affect
systems prior to Mac OS X v10.3 or Mac OS X Server v10.3.
▪ AFP Server
Available for: Mac OS X v10.3.5 and Mac OS
X Server v10.3.5
CVE-ID: CAN-2004-0922
Impact: Write-only AFP Drop Box
may be set as read-write
Description: A write-only Drop Box on an AFP
volume mounted by a guest could sometimes be read-write due to an incorrect
setting of the guest group id. This issue does not affect systems prior to Mac
OS X v10.3 or Mac OS X Server v10.3.
▪ CUPS
Available for: Mac OS X v10.3.5, Mac OS X Server
v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8
CVE-ID:
CAN-2004-0558
Impact: A denial of service causing the printing system to
hang
Description: The Internet Printing Protocol (IPP) implementation in
CUPS can hang when a certain UDP packet is sent to the IPP
port.
▪ CUPS
Available for: Mac OS X v10.3.5, Mac OS X Server
v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8
CVE-ID:
CAN-2004-0923
Impact: Local disclosure of user passwords
Description:
Certain methods of authenticated remote printing could disclose user passwords
in the printing system log files. Credit to Gary Smith of the IT Services
department at Glasgow Caledonian University for reporting this
issue.
▪ NetInfoManager
Available for: Mac OS X v10.3.5 and
Mac OS X Server v10.3.5
CVE-ID: CAN-2004-0924
Impact: Incorrect
indication of account status
Description: The NetInfo Manager utility can
enable the "root" account, but after a single "root" login it is no longer
possible to use NetInfo Manager to disable the account and it incorrectly
appears to be disabled. This issue does not affect systems prior to Mac OS X
v10.3 or Mac OS X Server v10.3.
▪ postfix
Available for: Mac OS X v10.3.5 and Mac OS X
Server v10.3.5
CVE-ID: CAN-2004-0925
Impact: A denial of service when
SMTPD AUTH has been enabled
Description: When SMTPD AUTH has been enabled
in postfix, a buffer containing the username is not correctly cleared between
authentication attempts. Only users with the longest usernames will be able to
authenticate. This issue does not affect systems prior to Mac OS X v10.3 or Mac
OS X Server v10.3. Credit to Michael Rondinelli of EyeSee360 for reporting this
issue.
▪ QuickTime
Available for: Mac OS X v10.3.5, Mac OS X
Server v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8
CVE-ID:
CAN-2004-0926
Impact: A heap buffer overflow could allow attackers to
execute arbitrary code
Description: Flaws in decoding the BMP image type
could overwrite heap memory and potentially allow the execution of arbitrary
code hidden in an image.
▪ ServerAdmin
Available for: Mac OS X Server v10.3.5
and Mac OS X Server v10.2.8
CVE-ID: CAN-2004-0927
Impact: Client -
Server communication with ServerAdmin can be read by decoding captured
sessions
Description: Client - Server communication with ServerAdmin uses
SSL. All systems come installed with the same example self signed certificate.
If that certificate has not been replaced, then ServerAdmin communication may be
decrypted. The fix replaces the existing self-signed certificate with one that
has been locally and uniquely generated.
Posté le : Lun. - Octobre 4, 2004 à 10:50 PM
|
|
|
|