From; Panda Oxygen3: "When something is gained, nothing is lost." Miguel de Cervantes Saavedra (1547-1616). Spanish writer. - Security update for Apple Mac OS X - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, April 20th 2005 - Apple has released an update to correct a series of vulnerabilities detected in the Mac OS X 10.3.9 kernel. The update actually corrects seven problems affecting the kernel and one more which affects the Safari browser: - Denial of service in the processing of certain executable files. - Vulnerability in the nfs_mount() call that could allow denial of service attacks. - System resource starvation because of a vulnerability in the handling of values passed to setsockopt(). - Integer overflow in the searchfs() function that could allow local users to elevate privileges. - Support for setuid/setgid scripts could allow local users to elevate privileges. - Buffer overflow in semop(), which could allow local privilege elevation. - Local denial of service because of a buffer overflow in the syscall emulation functionality. The last of the corrected problems affects Safari and allows remote sites to execute html and javascript code on the local domain. The update can be downloaded from http://www.apple.com/support/downloads/ More information is available on the Apple website, at http://docs.info.apple.com/article.html?artnum=301327 NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1)Netsky.P; 2)Mhtredir.gen; 3)Qhost.AF; 4)Bagle.CA; 5)Shinwow.E. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member