madison

Zero Day

Ryan Naraine and Dancho Danchev
Home / News & Blogs / Zero Day

Apple patches 13 Mac OS X vulnerabilities

By | August 24, 2010, 2:19pm PDT

Summary: The patch includes fixes for security holes in several open-source components, including ClamAV and PHP.

Apple has shipped a new Mac OS X security update to fix 13 documented vulnerabilities, some serious enough to expose users to remote code execution attacks.

The patch includes fixes for security holes in several open-source components, including ClamAV and PHP.

Here’s a quick look at the vulnerabilities and affected components.

  • CVE-2010-1808:  A stack buffer overlow exists in Apple Type Services’ handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
  • CVE-2010-1800: CFNetwork permits anonymous TLS/SSL connections. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue does not affect the Mail application. This issue is addressed by disabling anonymous TLS/SSL connections. This issue does not affect systems prior to Mac OS X v10.6.3.
  • ClamAV (CVE-ID:  CVE-2010-0098, CVE-2010-1311): Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.1. ClamAV is distributed only with Mac OS X Server systems.
  • CVE-2010-1801:  A heap buffer overflow exists in CoreGraphics’ handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking.
  • CVE-2010-1802: An issue exists in the handling of certificate host names. For host names containing three or more components, the last characters are not properly compared. In the case of a name containing exactly three components, only the last character is not checked. For example, if an attacker in a privileged network position could obtain a certificate for www.example.con the attacker can impersonate www.example.com.
  • PHP (CVE-2010-1205): A buffer overflow exists in PHP’s libpng library. Loading a maliciously crafted PNG image may lead to an unexpected application termination or arbitary code execution.
  • PHP (CVE-2010-1129, CVE-2010-0397, CVE-2010-2225, CVE-2010-2531, CVE-2010-2484): PHP is updated to version 5.3.2 to address multiple vulnerabilities, the most serious of which may lead to arbitary code execution.
  • CVE-2010-2063: A buffer overflow exists in Samba. An unauthenticated remote attacker may cause a denial of service or arbitrary code execution by sending a maliciously crafted packet. This issue is addressed by performing additional validation of packets in Samba.

Security Update 2010-005 is available from the Mac OS X Software Update pane in System Preferences.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Apple Macintosh, Mac OS X Server, Server, Issue, Arbitrary Code Execution, Impact, ClamAV Description, Apple Mac OS X, Apple Mac OS, Operating Systems, Software, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a security evangelist. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Talkback Most Recent of 45 Talkback(s)

  • RE: Apple patches 13 Mac OS X vulnerabilities
    13 patches? Doesn't this qualify for some stupid headline like "Apple releases mega monster mother load of all patches" like we see for other operating systems?
    ZDNet Gravatar
    Loverock Davidson
    24th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @Loverock Davidson
    Well said!
    ZDNet Gravatar
    redash79
    24th Aug 2010
  • No, more like we should see an article
    on how zero-day exploits are no big deal. Right after that wonderful Window lnk bug.
    ZDNet Gravatar
    frgough
    24th Aug 2010
  • We removed one piece of software that gave our engineers
    headaches to no ends.

    It was called OS X.

    plain
    ZDNet Gravatar
    Mister Spock
    24th Aug 2010
    • Flagged
  • We removed one piece of software that gave our engineers
    What a great bunch of engineers.
    ZDNet Gravatar
    yobtaf
    25th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @Loverock Davidson Probably if Macs had 20 billion variants of viruses effecting their systems like Windows.

    It is not much of a story when nobody that runs a Mac even runs Anti-virus or malware applications!! I would never expect you to understand logic and reasoning though!! You are the guy that will post "Macs are vulnerable" due to some article that claims ONE piece of software was written and completely ignore the ignorance in posting such a thing from Windows!! But rock on loser!
    ZDNet Gravatar
    ctunk
    24th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @ctunk When I worked at a helpdesk at a mac college back in my day (And yes it was OSX) we had macs that were exploited and a part of botnets on campus... Hell an incompetent prof in the computer science department had a whole lab that had fallen victim! It happens, I've seen it in the wild... Deal with it and admit it it'll make your life easier. Security by obscurity is not security ever.
    ZDNet Gravatar
    snoop0x7b
    25th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @ctunk

    My favorite thing to point out to any babble mouth Mac user when they state "we don't get virus's" or "doesn't happen on an Apple" is just this... How would you know if you've gotten a virus if you don't use protection? Wasn't there a similar argument when they said that only gay people got AIDS? Apple has the most insecure software, their users are blinded by advertising and word of mouth. Maybe you are smeared with spyware, adware and such and don't even know it since most of the internet is riddled with stupid advertisements anyway. I say as long as you're happy with what you have then great. I actually don't mind the AV soft like MSE... I never notice it and never come across anything really and even then it creates thought where most Apple users appear thoughtless.
    ZDNet Gravatar
    audidiablo
    25th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @snoop0x7b
    The only thing that your post proves is that you had incompetent sys admins, most likely yourself included.
    First, bringing up a college network and claiming it makes any kind of point is ridiculous, as there is a very high chance that the "malware" in question was purposely installed on the machines in question by student pranksters.
    Second, WTF is a "mac college," let alone an "OSX mac college"? I guess I shouldn't expect you to understand basic English sentence structure.
    Third, please list the exact botnet strain you claim you personally experienced, as well as the year, and the college effected. To put it mildly, I think you are full of it.
    ZDNet Gravatar
    DeusXMachina
    26th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @audidiablo
    "My favorite thing to point out to any babble mouth Mac user when they state "we don't get virus's" or "doesn't happen on an Apple" is just this... How would you know if you've gotten a virus if you don't use protection?"

    First, you are in NO position to cast aspersions on anyone. You can't even manage to use a simple apostrophe correctly.
    Second, there ARE no OSX viruses. Period. Please feel free to name one, and have it explained once again how trojans are not viruses.

    Third, sorry, but you are an ignoramus. You think using protection informs you that you are infected? And then you bring up A.I.D.S.?!? How, pray tell, do condoms "inform you" that they have been infected?!? How do people know? because they experience the symptoms of an infection, just like they would in both real life as well as computer systems.


    "Apple has the most insecure software, their users are blinded by advertising and word of mouth."

    Oh really? Ever been to a DefCon? Take stock of the machines people bring? Sea of macs there, buddy. Or are you claiming security researchers know nothing about security or enjoy having their systems broken into, or both?
    You want to talk about word of mouth? The ENTIRE base of your knowledge of OSX is word of mouth.

    "Maybe you are smeared with spyware, adware and such and don't even know it since most of the internet is riddled with stupid advertisements anyway."

    That clinches it. Those two things are ENTIRELY unrelated. You'd know that if you knew even next to NOTHING about security.
    ZDNet Gravatar
    DeusXMachina
    26th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @ctunk
    if they are not running av software. then you have no way of knowing if you have a virus or not...

    So by your own words. there could be millions of infected macs out there and no one would even know..

    But then again who really cares about anyting dealing with macs.
    ZDNet Gravatar
    rparker009
    26th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @rparker009

    "@ctunk
    if they are not running av software. then you have no way of knowing if you have a virus or not...

    So by your own words. there could be millions of infected macs out there and no one would even know.."

    Being that ctunk never SAID that, I fail to see your point.
    Or are you simply a liar?

    "But then again who really cares about anyting dealing with macs."

    Apparently you. Why else would you be reading this blog. Oh yeah, I forgot. You're a troll.

    And BTW, elipses have three dots, not two. And sentences end in periods, not random numbers of dots.
    ZDNet Gravatar
    DeusXMachina
    28th Aug 2010
  • RE: Apple patches 13 Mac OS X vulnerabilities
    @Loverock Davidson

    No, the proper headline, given past history, would be "Apple zings users with 13 vulnerabilities."

    Headlines for Apple patches assume that the patches actually create vulnerabilities. Headlines for Windows patches assume that any patch over 1MB is a 'Megapatch.'

    I think this is part of the ZDNet Style Guide.
    ZDNet Gravatar
    msalzberg
    25th Aug 2010
  • As usual Apple is late with patches, putting customers at risk
    Several of these bugs were patched several months ago by Linux distros. Reported months before that.

    Which means that Apple is hanging their customers out to dry while specific vulnerability information is public.

    The libpng vulns are especially concerning. Anyone who wanted to exploit OS X could have done that using these "arbitrary code execution" bugs. Did they?

    Apples OS X does very, very little (compared to other OSes) to prevent exploitation of vulnerabilities. No sensible ASLR, no proper sandbox, nada, zilch.
    ZDNet Gravatar
    honeymonster
    24th Aug 2010
  • Apple absolutely stinks in updating its open source
    components to the latest versions.
    ZDNet Gravatar
    frgough
    24th Aug 2010
View More Comments

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
Click Here