Alert GCSA-13037 - Apple Security Update APPLE-SA-2013-06-04-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-13037
Data : 5 Giugno 2013
Titolo : Apple Security Update APPLE-SA-2013-06-04-1
**********************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update che corregge
varie vulnerabilita' presenti nel sistema operativo Mac OS X
ed in alcune applicazioni distribuite insieme al sistema stesso.
In questo update e' stato anche rilasciato l'aggiornamento a
OS X Mountain Lion v10.8.4
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati:
Apple Mac Os X Mountain Lion 10.8
Apple Mac Os X Lion 10.7
Apple Mac Os X Snow Leopard 10.6
:: Impatto:
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
Cross site Scripting
:: Soluzione:
Applicare il Security Update 2013-002:
http://www.apple.com/support/downloads/
:: Riferimenti:
APPLE-SA-2013-06-04-1:
http://support.apple.com/kb/HT5784
http://support.apple.com/kb/HT5730
http://prod.lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Core Security:
http://www.coresecurity.com/advisories/mac-osx-server-directoryservice-buffer-overflow
ISC Diary:
http://isc.sans.edu/diary/Apple+releases+OS+10.8.4/15929
Secunia:
http://secunia.com/advisories/53684/
http://secunia.com/SA44572/
http://secunia.com/SA45781/
http://secunia.com/SA47426/
http://secunia.com/SA47631/
http://secunia.com/SA48847/
http://secunia.com/SA49116/
http://secunia.com/SA53520/
http://secunia.com/SA51753/
http://secunia.com/SA52112/
http://secunia.com/SA51938/
http://secunia.com/SA52656/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGwUUwACgkQwZxMk2USYEKq3ACdE2QwjFN4Fi/RNQCRktfQOpA7
BtcAoNC/n2TeTuYeo1UxMkH3O4Yhu7iU
=M8C6
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-13037
Data : 5 Giugno 2013
Titolo : Apple Security Update APPLE-SA-2013-06-04-1
**********************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update che corregge
varie vulnerabilita' presenti nel sistema operativo Mac OS X
ed in alcune applicazioni distribuite insieme al sistema stesso.
In questo update e' stato anche rilasciato l'aggiornamento a
OS X Mountain Lion v10.8.4
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati:
Apple Mac Os X Mountain Lion 10.8
Apple Mac Os X Lion 10.7
Apple Mac Os X Snow Leopard 10.6
:: Impatto:
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
Cross site Scripting
:: Soluzione:
Applicare il Security Update 2013-002:
http://www.apple.com/support/downloads/
:: Riferimenti:
APPLE-SA-2013-06-04-1:
http://support.apple.com/kb/HT5784
http://support.apple.com/kb/HT5730
http://prod.lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Core Security:
http://www.coresecurity.com/advisories/mac-osx-server-directoryservice-buffer-overflow
ISC Diary:
http://isc.sans.edu/diary/Apple+releases+OS+10.8.4/15929
Secunia:
http://secunia.com/advisories/53684/
http://secunia.com/SA44572/
http://secunia.com/SA45781/
http://secunia.com/SA47426/
http://secunia.com/SA47631/
http://secunia.com/SA48847/
http://secunia.com/SA49116/
http://secunia.com/SA53520/
http://secunia.com/SA51753/
http://secunia.com/SA52112/
http://secunia.com/SA51938/
http://secunia.com/SA52656/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGwUUwACgkQwZxMk2USYEKq3ACdE2QwjFN4Fi/RNQCRktfQOpA7
BtcAoNC/n2TeTuYeo1UxMkH3O4Yhu7iU
=M8C6
-----END PGP SIGNATURE-----