Executive Summary
Summary | |
---|---|
Title | Apple Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA08-043B | First vendor Publication | 2008-02-12 |
Vendor | US-CERT | Last vendor Modification | 2008-02-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service. I. Description Apple Security Update 2008-001 and Apple Mac OS X version 10.5.2 The update also addresses vulnerabilities in other vendors' products that ship with Apple OS X or OS X Server. These products include Samba and X11. II. Impact The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, and denial of service. III. Solution Install updates from Apple Install Apple Security Update 2008-001 or Apple Mac OS X version |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-043B.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
27 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
18 % | CWE-399 | Resource Management Errors |
18 % | CWE-264 | Permissions, Privileges, and Access Controls |
18 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
9 % | CWE-200 | Information Exposure |
9 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11572 | |||
Oval ID: | oval:org.mitre.oval:def:11572 | ||
Title: | Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. | ||
Description: | Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6015 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17746 | |||
Oval ID: | oval:org.mitre.oval:def:17746 | ||
Title: | USN-556-1 -- samba vulnerability | ||
Description: | Alin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-556-1 CVE-2007-6015 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | samba |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18113 | |||
Oval ID: | oval:org.mitre.oval:def:18113 | ||
Title: | DSA-1385-1 xfs | ||
Description: | Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1385-1 CVE-2007-4568 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xfs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18457 | |||
Oval ID: | oval:org.mitre.oval:def:18457 | ||
Title: | DSA-1427-1 samba - buffer overflow | ||
Description: | Alin Rad Pop discovered that Samba, a LanManager-like file and printer server for Unix, is vulnerable to a buffer overflow in the nmbd code which handles GETDC mailslot requests, which might lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1427-1 CVE-2007-6015 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | samba |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21715 | |||
Oval ID: | oval:org.mitre.oval:def:21715 | ||
Title: | ELSA-2007:1114: samba security and bug fix update (Critical) | ||
Description: | Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1114-01 CVE-2007-6015 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | samba |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5605 | |||
Oval ID: | oval:org.mitre.oval:def:5605 | ||
Title: | HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code | ||
Description: | Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6015 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.2 Update / Mac OS X Security Update 2008-001 File : nvt/macosx_upd_10_5_2_secupd_2008-001.nasl |
2010-02-15 | Name : Solaris Update for Samba 114685-15 File : nvt/gb_solaris_114685_15.nasl |
2010-02-15 | Name : Solaris Update for Samba 114684-15 File : nvt/gb_solaris_114684_15.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : Solaris Update for Samba 119758-16 File : nvt/gb_solaris_119758_16.nasl |
2009-10-13 | Name : Solaris Update for Samba 119757-16 File : nvt/gb_solaris_119757_16.nasl |
2009-10-13 | Name : Solaris Update for Samba 114684-14 File : nvt/gb_solaris_114684_14.nasl |
2009-10-13 | Name : Solaris Update for Samba 114685-14 File : nvt/gb_solaris_114685_14.nasl |
2009-10-10 | Name : SLES9: Security update for Samba File : nvt/sles9p5018048.nasl |
2009-10-10 | Name : SLES9: Security update for Samba File : nvt/sles9p5013978.nasl |
2009-09-23 | Name : Solaris Update for Samba 119758-15 File : nvt/gb_solaris_119758_15.nasl |
2009-09-23 | Name : Solaris Update for Samba 119757-15 File : nvt/gb_solaris_119757_15.nasl |
2009-06-03 | Name : Solaris Update for Samba 119757-14 File : nvt/gb_solaris_119757_14.nasl |
2009-06-03 | Name : Solaris Update for Samba 114684-13 File : nvt/gb_solaris_114684_13.nasl |
2009-06-03 | Name : Solaris Update for Samba 114685-13 File : nvt/gb_solaris_114685_13.nasl |
2009-06-03 | Name : Solaris Update for Samba 119758-14 File : nvt/gb_solaris_119758_14.nasl |
2009-05-05 | Name : HP-UX Update for HP CIFS Server (Samba) HPSBUX02341 File : nvt/gb_hp_ux_HPSBUX02341.nasl |
2009-05-05 | Name : HP-UX Update for HP CIFS Server (Samba) HPSBUX02316 File : nvt/gb_hp_ux_HPSBUX02316.nasl |
2009-04-09 | Name : Mandriva Update for xfs MDKSA-2007:210 (xfs) File : nvt/gb_mandriva_MDKSA_2007_210.nasl |
2009-04-09 | Name : Mandriva Update for samba MDKSA-2007:244 (samba) File : nvt/gb_mandriva_MDKSA_2007_244.nasl |
2009-03-23 | Name : Ubuntu Update for samba vulnerability USN-556-1 File : nvt/gb_ubuntu_USN_556_1.nasl |
2009-03-06 | Name : RedHat Update for samba RHSA-2007:1114-01 File : nvt/gb_RHSA-2007_1114-01_samba.nasl |
2009-03-06 | Name : RedHat Update for XFree86 RHSA-2008:0029-01 File : nvt/gb_RHSA-2008_0029-01_XFree86.nasl |
2009-03-06 | Name : RedHat Update for xorg-x11 RHSA-2008:0030-01 File : nvt/gb_RHSA-2008_0030-01_xorg-x11.nasl |
2009-02-27 | Name : Fedora Update for samba FEDORA-2007-4269 File : nvt/gb_fedora_2007_4269_samba_fc7.nasl |
2009-02-27 | Name : Fedora Update for xorg-x11-xfs FEDORA-2007-4263 File : nvt/gb_fedora_2007_4263_xorg-x11-xfs_fc7.nasl |
2009-02-27 | Name : Fedora Update for samba FEDORA-2007-4275 File : nvt/gb_fedora_2007_4275_samba_fc8.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2007:1114-01 centos2 i386 File : nvt/gb_CESA-2007_1114-01_samba_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for xorg-x11 CESA-2008:0030 centos4 x86_64 File : nvt/gb_CESA-2008_0030_xorg-x11_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for xorg-x11 CESA-2008:0030 centos4 i386 File : nvt/gb_CESA-2008_0030_xorg-x11_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for XFree86-100dpi-fonts CESA-2008:0029 centos3 x86_64 File : nvt/gb_CESA-2008_0029_XFree86-100dpi-fonts_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for XFree86-100dpi-fonts CESA-2008:0029 centos3 i386 File : nvt/gb_CESA-2008_0029_XFree86-100dpi-fonts_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for XFree86 CESA-2008:0029-01 centos2 i386 File : nvt/gb_CESA-2008_0029-01_XFree86_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2007:1114 centos3 x86_64 File : nvt/gb_CESA-2007_1114_samba_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2007:1114 centos3 i386 File : nvt/gb_CESA-2007_1114_samba_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for samba FEDORA-2008-4679 File : nvt/gb_fedora_2008_4679_samba_fc8.nasl |
2009-02-16 | Name : Fedora Update for samba FEDORA-2008-10638 File : nvt/gb_fedora_2008_10638_samba_fc8.nasl |
2009-01-28 | Name : SuSE Update for samba SUSE-SA:2007:068 File : nvt/gb_suse_2007_068.nasl |
2009-01-28 | Name : SuSE Update for XOrg SUSE-SA:2007:054 File : nvt/gb_suse_2007_054.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200710-11 (xfs) File : nvt/glsa_200710_11.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-10 (samba) File : nvt/glsa_200712_10.nasl |
2008-09-04 | Name : FreeBSD Ports: xfs File : nvt/freebsd_xfs.nasl |
2008-09-04 | Name : FreeBSD Ports: samba, samba3, ja-samba File : nvt/freebsd_samba13.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1427-1 (samba) File : nvt/deb_1427_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-344-01 samba File : nvt/esoft_slk_ssa_2007_344_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41508 | Apple Mac OS X X11 Network Connection Restriction Bypass Mac OS X contains a flaw that in the Security Preferences Panel. The issue is triggered by the X11 server, which fails to correctly read the "Allow connections from network client" preferense. It is possible that the flaw may allow unintended network access to X11 applications resulting in a loss of integrity. |
41507 | Apple Mac OS X Launch Services Time Machine Backup Uninstalled Application Ex... Mac OS X contains a flaw that may allow an uninstalled application to be launched. The issue is triggered when LaunchServices finds a copy of an uninstalled application in a Time Machine backup. It is possible that the flaw may allow unauthorized programs to run resulting in a loss of integrity. |
41506 | Apple Mac OS X Mail file:// URL Handling Arbitrary Command Execution Mac OS X contains a flaw that may allow a context-dependent attacker to execute arbitrary applications on a target system. The issue is triggered by improper handling of file:// URLs in the Mail application. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
41505 | Apple Mac OS X NFS Unspecified Memory Corruption DoS An unspecified memory corruption flaw exists in Mac OS X. NFS fails to validate mbuf chains resulting in a memory corruption. A malicious remote NFS client or server can cause arbitrary code execution resulting in a loss of integrity. |
41504 | Apple Mac OS X Parental Controls Presence Disclosure Mac OS X contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when a site is unblocked using Parental Controls and www.apple.com is notified, which will disclose that Parental Controls are enabled resulting in a loss of confidentiality. |
41503 | Apple Mac OS X Terminal.app Unspecified URL Handling Argument Injection A code execution flaw exists in Mac OS X. Terminal.app fails to validate URLs resulting in a controlled command-line execution. With a specially crafted URL, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
40891 | Apple iPhone / iPod Foundation Crafted URL Remote DoS |
39191 | Samba nmdb send_mailslot() Function GETDC mailslot Request Remote Overflow |
37721 | X.Org X Font Server (xfs) build_range Function Overflow |
32693 | Apple Mac OS X Minimal SLP v2 Service Agent (slpd) Registration Request Overflow A buffer overflow exists in Mac OS X. slpd fails to validate the attr-list field of registration requests resulting in a stack overflow. With a specially crafted request, a local attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Samba send_mailslot buffer overflow attempt RuleID : 17661 - Revision : 10 - Type : SERVER-SAMBA |
2014-01-10 | X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow... RuleID : 15382 - Revision : 10 - Type : SERVER-OTHER |
2014-01-10 | Samba send_mailslot buffer overflow attempt RuleID : 13291 - Revision : 11 - Type : SERVER-SAMBA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1114.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1117.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080118_XFree86_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080117_xorg_x11_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071210_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12002.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2008-0003.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_2.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-001.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2008-01-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2008-01-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-556-1.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ffcbd42da8c511dcbec202e0185f8d72.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-4485.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cifs-mount-4780.nasl - Type : ACT_GATHER_INFO |
2007-12-12 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-244.nasl - Type : ACT_GATHER_INFO |
2007-12-12 | Name : The remote openSUSE host is missing a security update. File : suse_cifs-mount-4777.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-344-01.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1114.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1427.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4263.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1114.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4269.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4275.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-10.nasl - Type : ACT_GATHER_INFO |
2007-12-10 | Name : The remote Samba server may be affected by a buffer overflow vulnerability. File : samba_3_0_28.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-210.nasl - Type : ACT_GATHER_INFO |
2007-10-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200710-11.nasl - Type : ACT_GATHER_INFO |
2007-10-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1385.nasl - Type : ACT_GATHER_INFO |
2007-10-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a5f667db759611dc8b7a0019b944b34e.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 114684-17 File : solaris9_114684.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 114685-17 File : solaris9_x86_114685.nasl - Type : ACT_GATHER_INFO |