Mac Security: Weekly Summary 04202006

This weekly summary makes use of the Secunia Weekly Summary of OS vulnerabilities. You can sign up for their weekly newsletter and read details about each vulnerability at:
This is another yawner week for Mac OS X vulnerabilities. There is nothing new. The only vulnerabilities related to MOSX are those that were reported for Firefox and, as one might expect, Mozilla applications. Secunia point out that many of these have been fixed in recent updates, but some remain open. See below for details.

Here is a brief look at vulnerabilities this week:

- No new Mac OS X vulnerabilities
- One new Windows vulnerability
- Firefox-Mozilla vulnerabilities, some still unpatched
- Oracle vulnerabilities, some still unpatched
- There are no new virus alerts. Amazing.
- Of interest: the onslaught of vulnerabilities in PHP continues. It is proving to be remarkably insecure. So, beware if you use it to code your website.

Below are sections 2 - 4 of the Secunia Weekly Summary. See their website for more details.

========================================================================

2) This Week in Brief:

21 vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system. Apparently, a number of these vulnerabilities have been fixed in the Firefox 1.5 branch since October 2005 but have only just been fixed in the 1.0 branch with the release of version 1.0.8. Many of these vulnerabilities also affect the Mozilla Suite and have not yet been patched.

Reference:

--

Multiple vulnerabilities have been reported in various Oracle products. Some have an unknown impact, and others can be exploited to conduct SQL injection attacks or compromise a vulnerable system. This advisory currently has a status of partial fix due to lack of patches for all products to fix one of the vulnerabilities.

Reference:

--

VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.
========================================================================

3) This Week's Top Ten Most Read Advisories:

1. SA19631 Firefox Multiple Vulnerabilities
2. SA19521 Internet Explorer Window Loading Race Condition Address Bar Spoofing
3. SA18680 Microsoft Internet Explorer "createTextRange()" Code Execution
4. SA19698 Firefox "View Image" Local Resource Linking Weakness
5. SA19649 Mozilla SeaMonkey Multiple Vulnerabilities
6. SA19644 Ubuntu Updates for Multiple Packages
7. SA19676 Avaya CMS IR Sendmail Memory Corruption Vulnerability
8. SA19642 Sphider "settingsdir" File Inclusion Vulnerability
9. SA19653 PAJAX Arbitrary Code Execution Vulnerabilities
10. SA19663 Novell GroupWise Messenger Accept-Language Buffer Overflow

========================================================================

4) Vulnerabilities Summary Listing
Windows:
SA19662 Web+Shop "storeid" Full Path Disclosure Weakness

UNIX-Linux:
SA19746 Ubuntu update for firefox
SA19729 Red Hat update for mozilla
SA19714 Fedora update for firefox
SA19696 Red Hat update for firefox
SA19692 Debian update for horde2
SA19690 Sysinfoscript sysinfo.cgi Shell Command Injection and Path Disclosure
SA19676 Avaya CMS IR Sendmail Memory Corruption Vulnerability
SA19671 Xine Playlist File Path Format String Vulnerability
SA19707 xFlow Multiple Vulnerabilities
SA19694 PHP Net Tools "host" Shell Command Injection Vulnerability
SA19691 Gentoo update for cacti
SA19674 Empire Server Unspecified Vulnerabilities
SA19718 BannerFarm banners.cgi Cross-Site Scripting Vulnerability
SA19667 CommuniMail Multiple Cross-Site Scripting Vulnerabilities
SA19658 Gentoo update for libapreq2
SA19735 Fedora update for kernel
SA19683 avast! Insecure Temporary File Creation
SA19682 Symantec LiveUpdate for Macintosh Privilege Escalation
SA19675 Debian update for fcheck
SA19664 Linux Kernel Shared Memory Restrictions Bypass
SA19657 Linux Kernel Shared Memory Restrictions Bypass
SA19656 IBM AIX rmmlcachefile Arbitrary File Overwrite
SA19724 Linux Kernel x87 Register Information Leak
SA19716 Avaya CMS IR "-proc" Denial of Service
SA19715 FreeBSD FPU x87 Register Information Leak
SA19709 Linux Kernel "ip_route_input()" Denial of Service Vulnerability
SA19687 Debian update for bsdgames

Other:
SA19740 Cisco IOS XR MPLS Denial of Service Vulnerabilities
Cross Platform:
SA19743 ActualAnalyzer "rf" File Inclusion Vulnerability
SA19730 TotalCalendar "incdir" File Inclusion Vulnerability
SA19728 RechnungsZentrale V2 Multiple Vulnerabilities
SA19726 Internet Photoshow "page" File Inclusion Vulnerability
SA19712 Oracle Products Multiple Vulnerabilities
SA19688 Monster Top List File Inclusion and Cross-Site Scripting Vulnerabilities
SA19684 I-Rater Platinum "includepath" Parameter File Inclusion Vulnerability
SA19680 myEvent Multiple Vulnerabilities
SA19670 Amaya Attribute Value Buffer Overflow Vulnerabilities
SA19666 Censtore "page" Shell Command Injection Vulnerability
SA19653 PAJAX Arbitrary Code Execution Vulnerabilities
SA19649 Mozilla SeaMonkey Multiple Vulnerabilities
SA19719 LinPHA Cross-Site Scripting and SQL Injection Vulnerabilities
SA19706 phpWebFTP "language" Local File Inclusion
SA19705 phpGraphy "editwelcome" Authentication Bypass
SA19703 Neuron Blog Multiple Vulnerabilities
SA19700 betaboard "FormValprofile" Profile Script Insertion
SA19699 LifeType ADOdb "server.php" Insecure Test Script Security Issue
SA19697 warforge.NEWS Multiple Vulnerabilities
SA19689 PowerClan "memberid" SQL Injection Vulnerability
SA19678 Black Orpheus ClanMemberSkript "userID" SQL Injection
SA19677 Fuju News Authentication Bypass and SQL Injection
SA19672 Musicbox Script Insertion and SQL Injection Vulnerabilities
SA19669 Dubelu PhpGuestbook Comment Script Insertion Vulnerability
SA19668 MyBB Cross-Site Scripting and Variable Manipulation Vulnerabilities
SA19665 Coppermine Photo Gallery "file" Local File Inclusion Vulnerability
SA19661 PHP Album "datadir" File Inclusion Vulnerability
SA19650 Article Publisher Pro SQL Injection Vulnerabilities
SA19647 phpWebSite "hubdir" Local File Inclusion Vulnerability
SA19645 MODx Cross-Site Scripting and Directory Traversal
SA19663 Novell GroupWise Messenger Accept-Language Buffer Overflow
SA19725 AWStats "config" Cross-Site Scripting and Full Path Disclosure
SA19720 Plexum X5 "plexum.php" SQL Injection Vulnerability
SA19711 bMachine Search Feature Cross-Site Scripting
SA19710 Calendarix "ycyear" Cross-Site Scripting Vulnerability
SA19704 ShoutBOOK Multiple Script Insertion Vulnerabilities
SA19701 IntelliLink Pro Multiple Cross-Site Scripting Vulnerabilities
SA19695 KCScripts Portal Pack Multiple Cross-Site Scripting Vulnerabilities
SA19685 PMTool "order" SQL Injection Vulnerabilities
SA19681 planetSearch+ "searchexp" Cross-Site Scripting Vulnerability
SA19679 LinPHA Cross-Site Scripting Vulnerabilities
SA19673 Bitweaver "error" Cross-Site Scripting Vulnerability
SA19660 TinyWebGallery "twgalbum" Cross-Site Scripting Vulnerability
SA19659 phpMyAdmin "sqlquery" Cross-Site Scripting and SQL Code Execution
SA19655 Visale Cross-Site Scripting Vulnerabilities
SA19654 Boardsolution "keyword" Cross-Site Scripting Vulnerability
SA19652 phpFaber TopSites "page" Cross-Site Scripting Vulnerability
SA19651 Net Clubs Pro Multiple Cross-Site Scripting Vulnerabilities
SA19648 FarsiNews "selectedsearcharch" Cross-Site Scripting
SA19646 LifeType Template "show" Cross-Site Scripting Vulnerability
SA19698 Firefox "View Image" Local Resource Linking Weakness

========================================================================

--
Fortune Magazine, 11-29-05:
What's your computer setup today?
Frederick Brooks: I happily use a Macintosh. It's not been equalled for ease of use, and I want my computer to be a tool, not a challenge.

Frederick Brooks is the author of 'The Mythical Man Month'. He spearheaded the movement to modernize computer software engineering in 1975.