GigaOM Network: GigaOM | WebWorkerDaily | NewTeeVee | Earth2Tech | OStatic | jkOnTheRun | TheAppleBlog | NewTeeVee Live | Jobs | About | Advertise | Contact

Security Update 2005-006

Written on June 08, 2005 by Gareth Potter and No one has commented

Software Update will give you the lowdown, but for those as yet unaware, Security Update 2005-006 is now available for your enjoyment, incorporating fixes relating to:

  • AFP (AppleTalk File Sharing) Server - buffer overflow; ACL-related issues
  • Bluetooth - insufficient input checking - wrongly able to access files outside of the default directory
  • CoreGraphics - crash; privilege escalation
  • Folder Permissions - file race condition
  • launchd - privilege escalation
  • LaunchServices - download safety check bypassable
  • MCX client - “Portable Home Directory credentials may be available to local system users”
  • NFS - implementation bug
  • PHP - multiple vulnerabilities, including remote DOS and code execution
  • VPN - privilege escalation due to buffer overflow

The details are here.

Share This

Filed in: News and Software

Related Entries:

Leave a reply

Avatars
If you'd like an avatar to appear next to your comment, simply signup for a Gravatar. It's free and takes all of about 2 minutes to setup.

Subscribe without commenting

Close
E-mail It