Alert GCSA-09066 - Apple Security Update 2009-003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-09066
Data : 7 agosto 2009
Titolo : Apple Security Update 2009-003
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2009-003 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Mac OS X versione 10.4.11 e precedenti
Mac OS X Server versione 10.4.11 e precedenti
Mac OS X versioni dalla 10.5 alla 10.5.7
Mac OS X Server versioni 10.5 alla 10.5.7
:: Impatto
- Esposizione di informazioni sensibili
- Security Bypass
- Privilege escalation
- DoS
:: Soluzione
Aggiornare il sistema alla versione Mac OS X v10.5.8
o applicare il Security Update 2009-003:
http://www.apple.com/support/downloads/
https://support.apple.com/kb/HT1338?viewlocale=en_US
:: Riferimenti
Apple - About Security Update 2009-003
http://support.apple.com/kb/HT3757
Security Focus
http://www.securityfocus.com/bid/35954
Doe-CIRC TECHNICAL BULLETIN T-204
http://www.doecirc.energy.gov/bulletins/t-204.shtml
US-CERT
http://www.us-cert.gov/current/index.html#apple_releases_mac_os_x1
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
Secunia - Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/36096/
VUPEN
http://www.vupen.com/english/advisories/2009/2172
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2194
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSnwN9/OB+SpikaiRAQL4kwP/eH2HeVC0PmghF/U+jPuyBjgK8/84YgBL
inoqhIv6bK6g1I2IsXK8CixM0+6VaWJv0ssKEh3jJBE04G9B8LrzBz7/S5a7TRxQ
jUXeOFGXJWIMv5Sjl8DuQaZChMSOPVYvCXfujA8HifskEPv4oAcHjJr4RTkjBZpX
a9XGMIF7pRs=
=KO3h
-----END PGP SIGNATURE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-09066
Data : 7 agosto 2009
Titolo : Apple Security Update 2009-003
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2009-003 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Mac OS X versione 10.4.11 e precedenti
Mac OS X Server versione 10.4.11 e precedenti
Mac OS X versioni dalla 10.5 alla 10.5.7
Mac OS X Server versioni 10.5 alla 10.5.7
:: Impatto
- Esposizione di informazioni sensibili
- Security Bypass
- Privilege escalation
- DoS
:: Soluzione
Aggiornare il sistema alla versione Mac OS X v10.5.8
o applicare il Security Update 2009-003:
http://www.apple.com/support/downloads/
https://support.apple.com/kb/HT1338?viewlocale=en_US
:: Riferimenti
Apple - About Security Update 2009-003
http://support.apple.com/kb/HT3757
Security Focus
http://www.securityfocus.com/bid/35954
Doe-CIRC TECHNICAL BULLETIN T-204
http://www.doecirc.energy.gov/bulletins/t-204.shtml
US-CERT
http://www.us-cert.gov/current/index.html#apple_releases_mac_os_x1
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
Secunia - Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/36096/
VUPEN
http://www.vupen.com/english/advisories/2009/2172
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2194
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSnwN9/OB+SpikaiRAQL4kwP/eH2HeVC0PmghF/U+jPuyBjgK8/84YgBL
inoqhIv6bK6g1I2IsXK8CixM0+6VaWJv0ssKEh3jJBE04G9B8LrzBz7/S5a7TRxQ
jUXeOFGXJWIMv5Sjl8DuQaZChMSOPVYvCXfujA8HifskEPv4oAcHjJr4RTkjBZpX
a9XGMIF7pRs=
=KO3h
-----END PGP SIGNATURE-----