Apple Mega Patch Plugs 20 Mac OS X Holes

Security flaws in Panther could allow remote or local attackers to execute arbitrary commands, cause denial-of-service conditions or obtain elevated privileges.

Apple Computer late Tuesday released an update to fix a whopping 20 security flaws in its flagship Mac OS X and warned that the most serious bugs could lead to remote code execution attacks.

Apple Computer Inc.s Security Update 2005-005 includes patches for Mac OS X v10.3.9 and Mac OS X Server v10.3.9. It covers a wide range of vulnerabilities that could be exploited by remote or local attackers to execute arbitrary commands, trigger a denial-of-service condition or obtain elevated privileges.

The mega update comes just two weeks after the Cupertino, Calif.-based computer maker shipped patches for a range of potentially serious kernel and browser flaws. Since April 18, Apple has posted fixes for 28 Mac OS X vulnerabilities.

The latest update includes fixes for a buffer overflow in the Apache htdigest program and an integer overflow in the handling of TIFF files that could permit arbitrary code execution.

"A malformed TIFF image could contain parameters that result in image data overwriting the heap. This issue has been addressed by adding additional tests when calculating the space needed for an image," Apple said.

It also plugs a local code execution hole in the Netinfo Setup Tool (NeST) that was discovered and reported by private research outfit iDefense Inc. Local attackers could exploit the NeST bug by supplying an overly long value to overflow the buffer and execute arbitrary code.

A pair of Bluetooth vulnerabilities also are fixed, along with a denial-of-service bug in the operating systems AppKit.

A buffer overflow in the Mac OS X Foundation framework gets patched along with a Help Viewer vulnerability that could be used to run JavaScript without the restrictions normally imposed.

A pair of denial-of-service and code-execution holes are plugged in libXpm, while two separate vulnerabilities in the Terminal utility are addressed. One of the Terminal flaws allows window titles to be read as input via a particular escape sequence. This could allow malicious content to inject data when it is displayed in a Terminal session, Apple warned.

The update also addresses bugs in AppleScript, Directory Services, Finder, LDAP, lukemftpd, Server Admin, sudo and VPN.


Check out eWEEK.coms for the latest news, reviews and analysis on Apple in the enterprise.