[virusinfo] Security update for Apple Mac OS X - 4/20/05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Thu, 21 Apr 2005 08:47:24 -0700

From; Panda Oxygen3:

"When something is gained, nothing is lost." 
         Miguel de Cervantes Saavedra (1547-1616). Spanish writer. 

               - Security update for Apple Mac OS X - 
         Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) 

Madrid, April 20th 2005 - Apple has released an update to correct a series
of vulnerabilities detected in the Mac OS X 10.3.9 kernel.

The update actually corrects seven problems affecting the kernel and one
more which affects the Safari browser: 

- Denial of service in the processing of certain executable files. 
- Vulnerability in the nfs_mount() call that could allow denial of service
attacks. 
- System resource starvation because of a vulnerability in the handling of
values passed to setsockopt(). 
- Integer overflow in the searchfs() function that could allow local users
to elevate privileges. 
- Support for setuid/setgid scripts could allow local users to elevate
privileges. 
- Buffer overflow in semop(), which could allow local privilege elevation. 
- Local denial of service because of a buffer overflow in the syscall
emulation functionality. 

The last of the corrected problems affects Safari and allows remote sites
to execute html and javascript code on the local domain.

The update can be downloaded from http://www.apple.com/support/downloads/ 
More information is available on the Apple website, at
http://docs.info.apple.com/article.html?artnum=301327 

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner: 
1)Netsky.P; 2)Mhtredir.gen; 3)Qhost.AF; 4)Bagle.CA; 5)Shinwow.E.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Security update for Apple Mac OS X - 4/20/05

1. Home
2. virusinfo
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---