ID

VAR-201309-0039

CVE

CVE-2013-1028

TITLE

Apple Mac OS X of IPSec Vulnerabilities spoofed as security gateways in the implementation of

DESCRIPTION

The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate. Apple Mac OS X is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server. An attacker can exploit this issue to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. The following versions are vulnerable: Apple Mac OS X 10.6.8, 10.7.5 and 10.8 though 10.8.4 Apple Mac OS X Server 10.6.8 Apple Mac OS X Server 10.7.5. These issues were addressed by updating Apache to version 2.2.24. CVE-ID CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558 Bind Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. The complete list of recognized system roots may be viewed via the Keychain Access application. This update addresses the issues by updating ClamAV to version 0.97.8. CVE-ID CVE-2013-2020 CVE-2013-2021 CoreGraphics Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team ImageIO Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team Installer Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Packages could be opened after certificate revocation Description: When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package. This issue was addressed by properly checking the certificate. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de Kernel Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A local network user may cause a denial of service Description: An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check. CVE-ID CVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC. Mobile Device Management Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Passwords may be disclosed to other local users Description: A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe. These issues were addressed by updating OpenSSL to version 0.9.8y. These issues were addressed by updating PHP to version 5.3.26. CVE-ID CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 CVE-2013-2110 PostgreSQL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PostgreSQL Description: Multiple vulnerabilities exist in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.0.13. CVE-ID CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903 Power Management Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: The screen saver may not start after the specified time period Description: A power assertion lock issue existed. This issue was addressed through improved lock handling. CVE-ID CVE-2013-1031 QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1032 : Jason Kratzer working with iDefense VCP Screen Lock Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A user with screen sharing access may be able to bypass the screen lock when another user is logged in Description: A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking. CVE-ID CVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq Note: OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate. OS X Mountain Lion v10.8.5 and Security Update 2013-004 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The Software Update utility will present the update that applies to your system configuration. Only one is needed, either OS X Mountain Lion v10.8.5, or Security Update 2013-004. For OS X Mountain Lion v10.8.4 The download file is named: OSXUpd10.8.5.dmg Its SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11 For OS X Mountain Lion v10.8 and v10.8.3 The download file is named: OSXUpdCombo10.8.5.dmg Its SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2 For OS X Lion v10.7.5 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0 For OS X Lion Server v10.7.5 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355 For Mac OS X v10.6.8 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4 QxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc +WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ bZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN 1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3 H9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ hDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ 8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa V2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl ytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I yoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn vBrJ5gm+nnyRe2TUMAwz =h9hc -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

input validation

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Alexander Traud

SOURCES

LAST UPDATE DATE

2025-04-11T21:07:35.624000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE