Details of VAR-200808-0006

ID

VAR-200808-0006

CVE

CVE-2008-2323

TITLE

Apple Mac OS X of Data Detectors Engine Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2008-001600

DESCRIPTION

Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-005. The advisory also contains security updates for 11 previously reported issues. Attackers can exploit this issue to cause denial-of-service conditions in applications using Data Detectors. The following versions are affected: Mac OS X v10.5.4 and prior Mac OS X Server v10.5.4 and prior This issue does not affect systems prior to Mac OS X v10.5. 1) A vulnerability in BIND can be exploited to poison the DNS cache. For more information: SA30973 2) A boundary error exists in CarbonCore when handling filenames. This can be exploited to cause a stack-based buffer overflow via overly long filenames. Successful exploitation of the vulnerability may allow execution of arbitrary code. 3) Multiple errors exist in CoreGraphics when processing received arguments. These can be exploited to trigger a memory corruption by e.g. tricking a user into visiting a specially crafted website. Successful exploitation of the vulnerability may allow execution of arbitrary code. 4) An integer overflow error exists in CoreGraphics when handling PDF files. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation of the vulnerability may allow execution of arbitrary code. 5) Multiple errors in QuickLook when downloading Microsoft Office files can be exploited to cause a memory corruption. Successful exploitation of the vulnerability may allow execution of arbitrary code. 6) An error exists in the Data Detectors engine when viewing a specially crafted message. This can be exploited to consume overly large resources and trigger an application using the engine to terminate. 7) The problem is that the "Repair Permissions" tool included in Disk Utility sets the "setuid" bit on "/usr/bin/emacs". This can be exploited to execute arbitrary commands with system privileges. 8) An error in OpenLDAP when parsing ASN.1 BER encoded packets can be exploited to cause a DoS. For more information: SA30853 9) A boundary error exists in the OpenSSL "SSL_get_shared_ciphers()" function. For more information see vulnerability #4 in: SA22130 10) Some vulnerabilities in PHP can be exploited malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. For more information: SA30048 11) Two vulnerabilities in rsync can be exploited by malicious users to bypass certain security restrictions. For more information: SA27863 SOLUTION: Apply Security Update 2008-005. Security Update 2008-005 Server (PPC): http://www.apple.com/support/downloads/securityupdate2008005serverppc.html Security Update 2008-005 Server (Intel): http://www.apple.com/support/downloads/securityupdate2008005serverintel.html Security Update 2008-005 (PPC): http://www.apple.com/support/downloads/securityupdate2008005ppc.html Security Update 2008-005 (Intel): http://www.apple.com/support/downloads/securityupdate2008005intel.html Security Update 2008-005 (Leopard): http://www.apple.com/support/downloads/securityupdate2008005leopard.html PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Dan Kaminsky of IOActive 2) Thomas Raffetseder of the International Secure Systems Lab and Sergio 'shadown' Alvarez of n.runs AG. 3) Michal Zalewski, Google 4) Pariente Kobi, reported via iDefense 7) Anton Rang and Brian Timares ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT2647 OTHER REFERENCES: SA22130: http://secunia.com/advisories/22130/ SA27863: http://secunia.com/advisories/27863/ SA30048: http://secunia.com/advisories/30048/ SA30973: http://secunia.com/advisories/30973/ SA30853: http://secunia.com/advisories/30853/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.43

sources: NVD: CVE-2008-2323 // JVNDB: JVNDB-2008-001600 // BID: 30483 // BID: 30490 // VULHUB: VHN-32448 // VULMON: CVE-2008-2323 // PACKETSTORM: 68761

AFFECTED PRODUCTS

vendor:	apple	model:	data detectors engine	scope:	eq	version:	*	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.5.4	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.5.4	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.5.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.11	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.10	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.11	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3

sources: BID: 30483 // BID: 30490 // JVNDB: JVNDB-2008-001600 // CNNVD: CNNVD-200808-027 // NVD: CVE-2008-2323

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-2323
value:	HIGH
Trust: 1.0
NVD:	CVE-2008-2323
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200808-027
value:	HIGH
Trust: 0.6
VULHUB:	VHN-32448
value:	HIGH
Trust: 0.1
VULMON:	CVE-2008-2323
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2008-2323
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-32448
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-32448 // VULMON: CVE-2008-2323 // JVNDB: JVNDB-2008-001600 // CNNVD: CNNVD-200808-027 // NVD: CVE-2008-2323

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-noinfo	Trust: 0.8

sources: VULHUB: VHN-32448 // JVNDB: JVNDB-2008-001600 // NVD: CVE-2008-2323

THREAT TYPE

network

Trust: 0.6

sources: BID: 30483 // BID: 30490

TYPE

Unknown

Trust: 0.6

sources: BID: 30483 // BID: 30490

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001600

PATCH

title:	Security Update 2008-005	url:	http://support.apple.com/kb/HT2647	Trust: 0.8
title:	Security Update 2008-005	url:	http://support.apple.com/kb/HT2647?viewlocale=ja_JP	Trust: 0.8

sources: JVNDB: JVNDB-2008-001600

EXTERNAL IDS

db:	NVD	id:	CVE-2008-2323	Trust: 3.2
db:	SECUNIA	id:	31326	Trust: 2.7
db:	BID	id:	30483	Trust: 2.1
db:	BID	id:	30490	Trust: 2.1
db:	VUPEN	id:	ADV-2008-2268	Trust: 1.7
db:	SECTRACK	id:	1020606	Trust: 1.7
db:	XF	id:	44130	Trust: 1.4
db:	JVNDB	id:	JVNDB-2008-001600	Trust: 0.8
db:	APPLE	id:	APPLE-SA-2008-07-31	Trust: 0.6
db:	CNNVD	id:	CNNVD-200808-027	Trust: 0.6
db:	VULHUB	id:	VHN-32448	Trust: 0.1
db:	VUPEN	id:	2008/2268	Trust: 0.1
db:	VULMON	id:	CVE-2008-2323	Trust: 0.1
db:	PACKETSTORM	id:	68761	Trust: 0.1

sources: VULHUB: VHN-32448 // VULMON: CVE-2008-2323 // BID: 30483 // BID: 30490 // JVNDB: JVNDB-2008-001600 // PACKETSTORM: 68761 // CNNVD: CNNVD-200808-027 // NVD: CVE-2008-2323

REFERENCES

url:	http://secunia.com/advisories/31326	Trust: 2.6
url:	http://www.securityfocus.com/bid/30490	Trust: 1.9
url:	http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/30483	Trust: 1.8
url:	http://www.securitytracker.com/id?1020606	Trust: 1.8
url:	http://www.frsirt.com/english/advisories/2008/2268	Trust: 1.4
url:	http://xforce.iss.net/xforce/xfdb/44130	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2008/2268	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/44130	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2323	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2323	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://corporate.secunia.com/about_secunia/64/	Trust: 0.1
url:	http://secunia.com/advisories/27863/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://support.apple.com/kb/ht2647	Trust: 0.1
url:	http://secunia.com/secunia_security_specialist/	Trust: 0.1
url:	http://www.apple.com/support/downloads/securityupdate2008005leopard.html	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://www.apple.com/support/downloads/securityupdate2008005serverintel.html	Trust: 0.1
url:	http://secunia.com/advisories/22130/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/30048/	Trust: 0.1
url:	http://www.apple.com/support/downloads/securityupdate2008005intel.html	Trust: 0.1
url:	http://www.apple.com/support/downloads/securityupdate2008005serverppc.html	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/30853/	Trust: 0.1
url:	http://secunia.com/advisories/30973/	Trust: 0.1
url:	http://secunia.com/advisories/31326/	Trust: 0.1
url:	http://www.apple.com/support/downloads/securityupdate2008005ppc.html	Trust: 0.1
url:	http://secunia.com/product/96/	Trust: 0.1

CREDITS

Sergio Alvarez

Trust: 0.6

sources: CNNVD: CNNVD-200808-027

SOURCES

db:	VULHUB	id:	VHN-32448
db:	VULMON	id:	CVE-2008-2323
db:	BID	id:	30483
db:	BID	id:	30490
db:	JVNDB	id:	JVNDB-2008-001600
db:	PACKETSTORM	id:	68761
db:	CNNVD	id:	CNNVD-200808-027
db:	NVD	id:	CVE-2008-2323

LAST UPDATE DATE

2025-04-10T20:26:22.522000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-32448	date:	2017-08-08T00:00:00
db:	VULMON	id:	CVE-2008-2323	date:	2017-08-08T00:00:00
db:	BID	id:	30483	date:	2008-08-01T17:57:00
db:	BID	id:	30490	date:	2008-08-01T17:27:00
db:	JVNDB	id:	JVNDB-2008-001600	date:	2008-09-03T00:00:00
db:	CNNVD	id:	CNNVD-200808-027	date:	2008-09-11T00:00:00
db:	NVD	id:	CVE-2008-2323	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-32448	date:	2008-08-04T00:00:00
db:	VULMON	id:	CVE-2008-2323	date:	2008-08-04T00:00:00
db:	BID	id:	30483	date:	2008-07-31T00:00:00
db:	BID	id:	30490	date:	2008-07-31T00:00:00
db:	JVNDB	id:	JVNDB-2008-001600	date:	2008-09-03T00:00:00
db:	PACKETSTORM	id:	68761	date:	2008-08-01T22:41:42
db:	CNNVD	id:	CNNVD-200808-027	date:	2008-07-31T00:00:00
db:	NVD	id:	CVE-2008-2323	date:	2008-08-04T01:41:00