Patch/Configuration Management, Vulnerability Management

Apple patches 17 flaws in third May security bulletin

Apple on Thursday released 13 patches, fixing 17 vulnerabilities in Mac OS X.

Among the patches is a fix for four flaws in BIND, the most serious of which can be exploited in a remote DoS attack, according to an advisory released yesterday by Apple.

The flaws exist in OS X versions 10.3.9 and 10.4.9 and OS X Server versions 10.3.9 and 10.4.9.

Apple also patched a file vulnerability that can lead to arbitrary code execution or unexpected application termination when running commands on a malicious file.

An iChat flaw that can be exploited to cause a DoS attack or arbitrary code execution was fixed as well, according to Apple’s advisory.

Also patched was a cryptographic weakness in fetchmail that could lead to the disclosure of passwords, according to Apple.

An Apple representative could not immediately be reached for comment today.

The bulletins marked Apple’s third patch release of the month, following a May 10 release of fixes for two critical vulnerabilities in Darwin Streamer Server 5.5.4.

Apple on May 1 patched a flaw in QuickTime media player that was discovered in a hacking contest at CanSecWest in April.

FrSIRT ranked the package of vulnerabilities as "critical," its highest classification, in an advisory released today.

Secunia, in an advisory released today, ranked the group of flaws as "highly critical," due to hackers’ ability to exploit them for the exposure of sensitive information, privilege escalation, DoS attacks and system access.

US-CERT advised users to apply the patches as soon as possible.

VeriSign iDefense reported that an anonymous researcher reported one of the flaws to its lab, a plugin loading privilege escalation flaw in PPP.

The flaw exists due to insufficient access validation when processing the plugin command line option, according to an iDefense advisory.

For exploitation, an attacker must obtain local access to the victim’s system, according to iDefense.

Apple was first notified of the flaw on Jan. 8, according to iDefense.

Greg MacManus, senior research analyst at VeriSign iDefense, told SCMagazine.com today that the flaw in CoreGraphics could cause problems for end users duped by social engineering attacks.

"It could appear to be from a trusted source, so you might be more likely to open that then other files," he said, adding that it could be used for system takeover in combination with other files.

Craig Schmugar, research manager at McAfee Avert Labs, told SCMagazine.com today that Apple had been in possession of a proof-of-concept exploit for the now-patched flaw in mDNSResponder.

"Clearly the potential for a public exploit is there, and (hackers) are able to turn that around and exploit it fairly quickly," he said. "The knowledge that it exists could lead researchers to create their own versions of the exploit."

Apple credited Michael Lynn of Juniper Networks for reporting the flaw.

Get more IT security news. Click here for SC Magazine Blogs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.