Security Update 2005-006


Software Update will give you the lowdown, but for those as yet unaware, Security Update 2005-006 is now available for your enjoyment, incorporating fixes relating to:

  • AFP (AppleTalk File Sharing) Server – buffer overflow; ACL-related issues
  • Bluetooth – insufficient input checking – wrongly able to access files outside of the default directory
  • CoreGraphics – crash; privilege escalation
  • Folder Permissions – file race condition
  • launchd – privilege escalation
  • LaunchServices – download safety check bypassable
  • MCX client – “Portable Home Directory credentials may be available to local system users”
  • NFS – implementation bug
  • PHP – multiple vulnerabilities, including remote DOS and code execution
  • VPN – privilege escalation due to buffer overflow

The details are here.

Comments are closed.