Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3

Published: 2010-03-29
Last Updated: 2011-02-08 23:46:12 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

Apple has published a security update covering a number of issues, with varying impacts.

Security Update 2010-002 / Mac OS X v10.6.3 is now available and addresses the following:

AppKit:  CVE-ID:  CVE-2010-0056
Application Firewall:  CVE-ID:  CVE-2009-2801
AFP Server:  CVE-ID:  CVE-2010-0057, CVE-2010-0533
Apache:  CVE-ID:  CVE-2009-3095
ClamAV:  CVE-ID:  CVE-2010-0058
CoreAudio:  CVE-ID:  CVE-2010-0059, CVE-2010-0060
CoreMedia:  CVE-ID:  CVE-2010-0062
CoreTypes:  CVE-ID:  CVE-2010-0063
CUPS:  CVE-ID:  CVE-2010-0393
curl:  CVE-ID:  CVE-2009-2417, CVE-2009-0037
Cyrus:  IMAP CVE-ID:  CVE-2009-2632
Cyrus SASL:  CVE-ID:  CVE-2009-0688
DesktopServices:  CVE-ID:  CVE-2010-0064, CVE-2010-0537
Disk Images: CVE-ID:  CVE-2010-0065, CVE-2010-0497
Directory Services:  CVE-ID:  CVE-2010-0498
Dovecot:  CVE-ID:  CVE-2010-0535
Event Monitor:  CVE-ID:  CVE-2010-0500
FreeRADIUS:  CVE-ID:  CVE-2010-0524
FTP Server:  CVE-ID:  CVE-2010-0501
iChat Server:  CVE-ID:  CVE-2006-1329, CVE-2010-0502, CVE-2010-0503, CVE-2010-0504
ImageIO:  CVE-ID:  CVE-2010-0505, CVE-2010-0041, CVE-2010-0042, CVE-2010-0043
Image RAW:  CVE-ID:  CVE-2010-0506, CVE-2010-0507
Libsystem:  CVE-ID:  CVE-2009-0689
Mail:  CVE-ID:  CVE-2010-0508, CVE-2010-0525
Mailman:  CVE-ID:  CVE-2008-0564
MySQL:  CVE-ID:  CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019, CVE-2009-4030
OS Services:  CVE-ID:  CVE-2010-0509
Password Server:  CVE-ID:  CVE-2010-0510
perl:  CVE-ID:  CVE-2008-5302, CVE-2008-5303
PHP:  CVE-ID:  CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017, CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142, CVE-2009-4143
Podcast Producer:  CVE-ID:  CVE-2010-0511
Preferences:  CVE-ID:  CVE-2010-0512
PS Normalizer:  CVE-ID:  CVE-2010-0513
QuickTime:  CVE-ID:  CVE-2010-0062, CVE-2010-0514, CVE-2010-0515, CVE-2010-0516, CVE-2010-0517, CVE-2010-0518, CVE-2010-0519, CVE-2010-0520, CVE-2010-0526
Ruby:  CVE-ID:  CVE-2009-2422, CVE-2009-3009, CVE-2009-4214, CVE-2009-1904
Server Admin:  CVE-ID:  CVE-2010-0521, CVE-2010-0522
SMB:  CVE-ID:  CVE-2009-2906
Tomcat:  CVE-ID:  CVE-2009-0580, CVE-2009-0033, CVE-2009-0783, CVE-2008-5515, CVE-2009-0781, CVE-2009-2901, CVE-2009-2902, CVE-2009-2693
unzip:  CVE-ID:  CVE-2008-0888
vim:  CVE-ID:  CVE-2008-2712, CVE-2008-4101, CVE-2009-0316
Wiki Server:  CVE-ID:  CVE-2010-0523, CVE-2010-0534
X1: 1 CVE-ID:  CVE-2009-2042, CVE-2003-0063
xar:  CVE-ID:  CVE-2010-0055

To download: http://www.apple.com/support/downloads/
For more information:

http://support.apple.com/kb/HT1222

http://support.apple.com/kb/HT4014

http://support.apple.com/kb/HT4015

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

0 comment(s)
Diary Archives