VARIoT IoT vulnerabilities database

fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple of 802.11n Corresponding AirMac Extreme The base station AirMac There is an issue with password protection on disks not working properly. Also, Mac OS X Used in fsck Contains a memory corruption vulnerability.AirMac Extreme If it is password protected AirMac The file name on the disc may be viewed by users on the local network. Also Mac OS X In the case of a disc image crafted by a third party USF In the file system fsck By executing, arbitrary code may be executed. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. Apple AirPort Extreme Base Station is prone to an information-disclosure vulnerability. An attacker can exploit this issue to view filenames on a password-protected AirPort Disk without supplying a password. Firmware versions prior to 7.1 are vulnerable. There is a loophole in the implementation of the AirPort Disk function, and remote attackers may use this loophole to remotely obtain sensitive information. The AirPort Disk feature allows users on the local network to browse file names (but not file content) on a password-protected disk without providing a password, resulting in the disclosure of sensitive information. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port.". A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. According to Apple information, it may be possible to execute arbitrary code with system privileges. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". The Apple VideoConference framework contains a buffer overflow vulnerability. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. If a malicious SIP packet is sent while initiating an audio/video conference, an attacker can trigger this overflow, resulting in arbitrary command execution. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. This vulnerability may allow a local attacker execute commands with elevated privileges. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands.". A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. A buffer overflow exists in the AirPortDriver module used to handle AirPort control commands. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credentials for mounting filesystems on SMB servers as command line arguments to the mount_sub command, which may allow local users to obtain sensitive information by listing the process. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. This vulnerability occurs in an environment where Internet sharing is enabled.Third party crafted RTSP Arbitrary code could be executed by processing the packet. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. This vulnerability only affects users who have Internet Sharing enabled. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication controls. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. As a result, there is a problem that the authentication dialog is avoided.Since the authentication dialog box does not appear when waking from sleep, a user who has physical access to the system may be logged in without authentication. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. In some cases the user's \"Wake computer from hibernation requires password\" number was ignored, resulting in no password being asked after waking from hibernation. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. An integer overflow vulnerability exists in the RPC library. A remote attacker can trigger this overflow by sending a specially crafted request to the portmap service, causing a denial of service or executing arbitrary commands with the privileges of the daemon user. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. According to Apple information, it may be possible to execute arbitrary code with system privileges. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. In some cases Libinfo does not report errors to applications using it. By tricking a user into visiting a malicious web page, an attacker can cause access to previously deallocated objects, cause the application to terminate unexpectedly, or execute arbitrary instructions. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. According to Apple information, you may be granted system privileges. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. When loading the WebDAV file system, the load_webdav program may be started without proper cleaning and mitigation, and there is a privilege escalation vulnerability. Local users can use this to create files or execute commands with system privileges. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Fedora Core 6 update for krb5 SECUNIA ADVISORY ID: SA23706 VERIFY ADVISORY: http://secunia.com/advisories/23706/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Apply updated packages. Fedora Core 6: 43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm 43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm 42b9b525ea97d128ed22c6feb7b48cc377ca46ad ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm 51c9dfac74d9026509906e953cf92ac50e1a13c4 ppc/krb5-workstation-1.5-13.ppc.rpm 39a5ed204a75766df9daf51a66971f51700d563c ppc/krb5-server-1.5-13.ppc.rpm bce7df56293ae51d79ce1e054b3056d24a1ae8d5 ppc/krb5-devel-1.5-13.ppc.rpm 9097a6f8fdda32e8b976b0beb2b03ba66172327e ppc/krb5-libs-1.5-13.ppc.rpm 51c1f15fca97f267cabd1d1a9851a349fc5a3648 x86_64/krb5-workstation-1.5-13.x86_64.rpm 7cc0d54545539827434c7975697c9c13ae9e4797 x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm 71fcdc5dadb273576ad9e530fbb15764650cb84b x86_64/krb5-devel-1.5-13.x86_64.rpm bbe8f1b3e7c6077526f760b361ad6ca5d4039276 x86_64/krb5-libs-1.5-13.x86_64.rpm e38c1dccd2310d3bab9d204226988aee627cfe0d x86_64/krb5-server-1.5-13.x86_64.rpm 02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6 i386/debug/krb5-debuginfo-1.5-13.i386.rpm d6470636e983d8559d4378f819fba80b467af0a5 i386/krb5-libs-1.5-13.i386.rpm 278c19ec68ed47d35c5c2370df5c48807dba1224 i386/krb5-workstation-1.5-13.i386.rpm aa72a083b60ddfb3dbc0761f13ea7147e09995f1 i386/krb5-server-1.5-13.i386.rpm 9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400 i386/krb5-devel-1.5-13.i386.rpm ORIGINAL ADVISORY: http://fedoranews.org/cms/node/2375 OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA23696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X of Help Viewer Applications (Help Viewer , iMovie Such ) Contains a format string vulnerability by improperly handling help files with incorrect filenames.By downloading and opening a specially crafted help file, a third party could crash the application or execute arbitrary code. Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to arbitrary memory locations, which can facilitate the execution of arbitrary machine code with the privileges of a targeted application. Failed exploit attempts will likely crash the application. Help Viewer 3.0.0, Safari 2.0.4, iMovie HD 6.0.3, and iPhoto 6.0.5 are reported affected; other versions may be vulnerable as well. instruction. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources. FirePass A vulnerability exists that uses the management console and other network resources.By a remotely authenticated user FirePass The management console and other network resources may be used. F5 Firepass is prone to multiple input-validation vulnerabilities because the device fails to sufficiently sanitize user-supplied input. These issues include information-disclosure, security bypass, and cross-site scripting vulnerabilities. An attacker can exploit these issues to bypass security restrictions, to view sensitive information, and to steal cookie-based authentication credentials. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible

F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name. F5 FirePass Limited URL There is a vulnerability that is accessed by.Restricted by a third party via: URL May be accessed. F5 Firepass is prone to multiple input-validation vulnerabilities because the device fails to sufficiently sanitize user-supplied input. These issues include information-disclosure, security bypass, and cross-site scripting vulnerabilities. An attacker can exploit these issues to bypass security restrictions, to view sensitive information, and to steal cookie-based authentication credentials. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via (1) the xcho parameter to my.logon.php3; the (2) topblue, (3) midblue, (4) wtopblue, and certain other Custom color parameters in a per action to vdesk/admincon/index.php; the (5) h321, (6) h311, (7) h312, and certain other Front Door custom text color parameters in a per action to vdesk/admincon/index.php; the (8) ua parameter in a bro action to vdesk/admincon/index.php; the (9) app_param and (10) app_name parameters to webyfiers.php; (11) double eval functions; (12) JavaScript contained in an <FP_DO_NOT_TOUCH> element; and (13) the vhost parameter to my.activation.php. NOTE: it is possible that this candidate overlaps CVE-2006-3550. F5 FirePass SSL VPN Contains a cross-site scripting vulnerability. This vulnerability CVE-2006-3550 And may overlap.By any third party, via Web Script or HTML May be inserted. (1) my.logon.php To xcho Parameters (2) vdesk/admincon/index.php To per In action topblue Custom color parameters (3) vdesk/admincon/index.php To per In action midblue Custom color parameters (4) vdesk/admincon/index.php To per In action wtopblue Custom color parameters, etc. (5) vdesk/admincon/index.php To per In action h321 of Front Door Custom text color parameters (6) vdesk/admincon/index.php To per In action h311 of Front Door Custom text color parameters (7) vdesk/admincon/index.php To per In action h312 of Front Door Custom text color parameters, etc. F5 Firepass is prone to multiple input-validation vulnerabilities because the device fails to sufficiently sanitize user-supplied input. These issues include information-disclosure, security bypass, and cross-site scripting vulnerabilities. An attacker can exploit these issues to bypass security restrictions, to view sensitive information, and to steal cookie-based authentication credentials. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible

Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. According to Apple information, it may be possible to execute arbitrary code with system privileges. A successful attack can allow local attackers to gain superuser privileges. Mac OS X 10.4.8 is reported vulnerable; other versions may be affected as well. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA23903 VERIFY ADVISORY: http://secunia.com/advisories/23903/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/ DESCRIPTION: Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA23690 SA23696 SOLUTION: Update to "app-crypt/mit-krb5-1.5.2" or later. ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml OTHER REFERENCES: SA23690: http://secunia.com/advisories/23690/ SA235696: http://secunia.com/advisories/23696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------