Alert GCSA-09101 - Apple Security Update 2009-006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-091001
Data : 10 Novembre 2009
Titolo : Apple Security Update 2009-006
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2009-006 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Macintosh OS X
:: Impatto
- - - Esposizione di informazioni sensibili
- - - Security Bypass
- - - Cross Site Scripting
- - - Privilege escalation
- - - DoS
- - - Spoofing
- - - Manipolazioni di dati
- - - Accesso al sistema
- - - Attacchi brute force
:: Soluzione
Aggiornare il sistema alla versione Mac OS X v10.6.2
o applicare il Security Update 2009-006:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple
http://support.apple.com/kb/HT3937
Secunia
http://secunia.com/advisories/37313/
VUPEN
http://www.vupen.com/english/advisories/2009/3184
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSvmFJ/OB+SpikaiRAQLAbwP6AohGbM8NSoPGrf4zzX6LOXZxmeQ1mHXn
9H2EFqAehUelO78K2MfBDNwHaZJqkM8R8ZIHLZA+q7t1SJmCbwVf5n9vSMzD7Y9H
I7pqaj3FWdkcNjEfUO3/GEgsshh8dmH+d2BjEmwfi9crOMdPbDrSl58rE1dV92it
Klo6XR0rBZw=
=dXwy
-----END PGP SIGNATURE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-091001
Data : 10 Novembre 2009
Titolo : Apple Security Update 2009-006
************************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update 2009-006 per correggere
varie vulnerabilta' che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Macintosh OS X
:: Impatto
- - - Esposizione di informazioni sensibili
- - - Security Bypass
- - - Cross Site Scripting
- - - Privilege escalation
- - - DoS
- - - Spoofing
- - - Manipolazioni di dati
- - - Accesso al sistema
- - - Attacchi brute force
:: Soluzione
Aggiornare il sistema alla versione Mac OS X v10.6.2
o applicare il Security Update 2009-006:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple
http://support.apple.com/kb/HT3937
Secunia
http://secunia.com/advisories/37313/
VUPEN
http://www.vupen.com/english/advisories/2009/3184
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSvmFJ/OB+SpikaiRAQLAbwP6AohGbM8NSoPGrf4zzX6LOXZxmeQ1mHXn
9H2EFqAehUelO78K2MfBDNwHaZJqkM8R8ZIHLZA+q7t1SJmCbwVf5n9vSMzD7Y9H
I7pqaj3FWdkcNjEfUO3/GEgsshh8dmH+d2BjEmwfi9crOMdPbDrSl58rE1dV92it
Klo6XR0rBZw=
=dXwy
-----END PGP SIGNATURE-----