Alert GCSA-08073 - Apple Security Update 2008-005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-08073
Data : 01 agosto 2008
Titolo : Apple Security Update 2008-005
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2008-005 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Mac OS X v10.4.11 e precedenti
Apple Mac OS X v10.5.4 e precedenti
L'aggiornamento riguarda sia i sistemi Intel-based
sia quelli PowerPC-based.
:: Impatto
Security Bypass
Spoofing
Privilege escalation
Denial of Service
System access
:: Soluzione
Applicare il Security Update 2008-005 attraverso lo strumento
'Software Update' o scaricandolo da Apple Downloads:
Security Update 2008-005 (PPC)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005ppc.html
Security Update 2008-005 (Intel)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005intel.html
Security Update 2008-005 Server (PPC)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005serverppc.html
Security Update 2008-005 Server (Intel)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005serverintel.html
Security Update 2008-005 Server (Leopard)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005leopard.html
:: Riferimenti
Apple - About Security Update 2008-005
http://support.apple.com/kb/HT2647
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2320
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2321
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2322
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
Secunia
http://secunia.com/advisories/31326/
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSJMC9POB+SpikaiRAQKL1QP/S/ZVQCCG9RIo9js597f7wcR86VsVQA2l
HorqLqVXUSOlFOI8W1+GG15VRPgv8cKQ9nNKAUaeXaX6izBOLcIwS3TUHBC+pvf7
S3k4gJzNlFuKV3bi4O4MnN9ZbwbXRG2lJxRCVCkUT1X1ruYsMrPY4/UOcbtJtbjq
Slzdy+U+z/Y=
=eVRL
-----END PGP SIGNATURE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-08073
Data : 01 agosto 2008
Titolo : Apple Security Update 2008-005
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2008-005 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Mac OS X v10.4.11 e precedenti
Apple Mac OS X v10.5.4 e precedenti
L'aggiornamento riguarda sia i sistemi Intel-based
sia quelli PowerPC-based.
:: Impatto
Security Bypass
Spoofing
Privilege escalation
Denial of Service
System access
:: Soluzione
Applicare il Security Update 2008-005 attraverso lo strumento
'Software Update' o scaricandolo da Apple Downloads:
Security Update 2008-005 (PPC)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005ppc.html
Security Update 2008-005 (Intel)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005intel.html
Security Update 2008-005 Server (PPC)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005serverppc.html
Security Update 2008-005 Server (Intel)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005serverintel.html
Security Update 2008-005 Server (Leopard)
http://www.apple.com/downloads/macosx/apple/security_updates/securityupdate2008005leopard.html
:: Riferimenti
Apple - About Security Update 2008-005
http://support.apple.com/kb/HT2647
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2320
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2321
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2322
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
Secunia
http://secunia.com/advisories/31326/
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSJMC9POB+SpikaiRAQKL1QP/S/ZVQCCG9RIo9js597f7wcR86VsVQA2l
HorqLqVXUSOlFOI8W1+GG15VRPgv8cKQ9nNKAUaeXaX6izBOLcIwS3TUHBC+pvf7
S3k4gJzNlFuKV3bi4O4MnN9ZbwbXRG2lJxRCVCkUT1X1ruYsMrPY4/UOcbtJtbjq
Slzdy+U+z/Y=
=eVRL
-----END PGP SIGNATURE-----