Alert GCSA-11025 - Apple Security Update 2011-001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11025
Data : 23 Marzo 2011
Titolo : Apple Security Update 2011-001
******************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update 2011-001 per correggere varie
vulnerabilta' che affliggono il sistema operativo Mac OS X ed alcune
applicazioni distribuite insieme al sistema stesso.
Per una descrizione completa delle vulnerabilita' fare riferimento alla
segnalazione ufficiale di Apple.
:: Software interessati:
Apple Mac OS X versione 10.5.8 e precedenti
Apple Mac OS X versioni dalla 10.6 alla 10.6.6
Apple Mac OS X Server versione 10.5.8 e precedenti
Apple Mac OS X Server versioni dalla 10.6 alla 10.6.6
:: Impatto:
Security Bypass
Cross Site Scripting
Spoofing
Privilege escalation
Denial of Service
Accesso al sistema
Esposizione dei dati del sistema
Esposizione di informazioni sensibili
:: Soluzione:
Applicare il Security Update 2011-001:
http://www.apple.com/support/downloads/
:: Riferimenti:
Security Update 2011-001:
http://support.apple.com/kb/HT4581
Secunia:
http://secunia.com/advisories/43814/
VUPEN:
http://www.vupen.com/english/advisories/2011/0726
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2950
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1417
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTYn92vOB+SpikaiRAQJTHAQAii3hlsn0OS/5R3pvGMiIwGnH1esVZ5ts
HC2Qm8QBsmCqXdJ2FLKTFWpAExZicz2h4ZxbU+YWIAWuuWDWcChEq8nTJ04ttDre
/J7B8HvFF0jFS5kPe2yudERDI7JOH2lxcjHjvIPl8pDA2FsxwR07apPOQvD9D7HY
D8T/rgZTy6Y=
=/rlU
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11025
Data : 23 Marzo 2011
Titolo : Apple Security Update 2011-001
******************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update 2011-001 per correggere varie
vulnerabilta' che affliggono il sistema operativo Mac OS X ed alcune
applicazioni distribuite insieme al sistema stesso.
Per una descrizione completa delle vulnerabilita' fare riferimento alla
segnalazione ufficiale di Apple.
:: Software interessati:
Apple Mac OS X versione 10.5.8 e precedenti
Apple Mac OS X versioni dalla 10.6 alla 10.6.6
Apple Mac OS X Server versione 10.5.8 e precedenti
Apple Mac OS X Server versioni dalla 10.6 alla 10.6.6
:: Impatto:
Security Bypass
Cross Site Scripting
Spoofing
Privilege escalation
Denial of Service
Accesso al sistema
Esposizione dei dati del sistema
Esposizione di informazioni sensibili
:: Soluzione:
Applicare il Security Update 2011-001:
http://www.apple.com/support/downloads/
:: Riferimenti:
Security Update 2011-001:
http://support.apple.com/kb/HT4581
Secunia:
http://secunia.com/advisories/43814/
VUPEN:
http://www.vupen.com/english/advisories/2011/0726
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2950
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1417
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTYn92vOB+SpikaiRAQJTHAQAii3hlsn0OS/5R3pvGMiIwGnH1esVZ5ts
HC2Qm8QBsmCqXdJ2FLKTFWpAExZicz2h4ZxbU+YWIAWuuWDWcChEq8nTJ04ttDre
/J7B8HvFF0jFS5kPe2yudERDI7JOH2lxcjHjvIPl8pDA2FsxwR07apPOQvD9D7HY
D8T/rgZTy6Y=
=/rlU
-----END PGP SIGNATURE-----