Alert GCSA-08061 - Apple Security Update 2008-004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-08061
Data : 01 Luglio 2008
Titolo : Apple Security Update 2008-004
******************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2008-004 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
:: Software interessato
Apple Mac OS X versioni precedenti alla 10.5.4
:: Impatto
Cross Site Scripting
Denial of Service
Diffusione di informazioni sensibili
Spoofing
Bypass delle restrizioni di sicurezza
Privilege escalation
:: Soluzioni
Aggiornare Mac OS x alla versione 10.5.4
o applicare il Security Update 2008-004 attraverso lo strumento
'Software Update' o scaricandolo da Apple Downloads:
Security Update 2008-004 (PPC):
http://www.apple.com/support/downloads/securityupdate2008004ppc.html
Security Update 2008-004 (Intel):
http://www.apple.com/support/downloads/securityupdate2008004intel.html
Security Update 2008-004 Server (PPC):
http://www.apple.com/support/downloads/securityupdate2008004serverppc.html
Security Update 2008-004 Server (Intel):
http://www.apple.com/support/downloads/securityupdate2008004serverintel.html
Mac OS X 10.5.4 Combo Update:
http://www.apple.com/support/downloads/macosx1054comboupdate.html
Mac OS X 10.5.4 Update:
http://www.apple.com/support/downloads/macosx1054update.html
Mac OS X Server 10.5.4:
http://www.apple.com/support/downloads/macosxserver1054.html
Mac OS X Server Combo 10.5.4:
http://www.apple.com/support/downloads/macosxservercombo1054.html
:: Riferimenti
Apple:
http://support.apple.com/kb/HT2163
Secunia:
http://secunia.com/advisories/30802/
Mitre's CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2310
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSGoH7fOB+SpikaiRAQJ18AQAxKzn68xoRo8KeWqvH91hRRYDV82OuyvG
B4mE56QRVDb6JlmpTmpeo1b2yF76qSgfKFwyFFPv11SiSFjj7I+TfSA+pfet89/4
vJUqBOeNwOOxiugg1xsmQNl6hb4jOOs4Dj5SmkcMSHx/Nr/PullMRzTyigvrvrK5
Hyqz8jsTOsk=
=qNWd
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-08061
Data : 01 Luglio 2008
Titolo : Apple Security Update 2008-004
******************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2008-004 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
:: Software interessato
Apple Mac OS X versioni precedenti alla 10.5.4
:: Impatto
Cross Site Scripting
Denial of Service
Diffusione di informazioni sensibili
Spoofing
Bypass delle restrizioni di sicurezza
Privilege escalation
:: Soluzioni
Aggiornare Mac OS x alla versione 10.5.4
o applicare il Security Update 2008-004 attraverso lo strumento
'Software Update' o scaricandolo da Apple Downloads:
Security Update 2008-004 (PPC):
http://www.apple.com/support/downloads/securityupdate2008004ppc.html
Security Update 2008-004 (Intel):
http://www.apple.com/support/downloads/securityupdate2008004intel.html
Security Update 2008-004 Server (PPC):
http://www.apple.com/support/downloads/securityupdate2008004serverppc.html
Security Update 2008-004 Server (Intel):
http://www.apple.com/support/downloads/securityupdate2008004serverintel.html
Mac OS X 10.5.4 Combo Update:
http://www.apple.com/support/downloads/macosx1054comboupdate.html
Mac OS X 10.5.4 Update:
http://www.apple.com/support/downloads/macosx1054update.html
Mac OS X Server 10.5.4:
http://www.apple.com/support/downloads/macosxserver1054.html
Mac OS X Server Combo 10.5.4:
http://www.apple.com/support/downloads/macosxservercombo1054.html
:: Riferimenti
Apple:
http://support.apple.com/kb/HT2163
Secunia:
http://secunia.com/advisories/30802/
Mitre's CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2310
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSGoH7fOB+SpikaiRAQJ18AQAxKzn68xoRo8KeWqvH91hRRYDV82OuyvG
B4mE56QRVDb6JlmpTmpeo1b2yF76qSgfKFwyFFPv11SiSFjj7I+TfSA+pfet89/4
vJUqBOeNwOOxiugg1xsmQNl6hb4jOOs4Dj5SmkcMSHx/Nr/PullMRzTyigvrvrK5
Hyqz8jsTOsk=
=qNWd
-----END PGP SIGNATURE-----