SANS ISC: InfoSec Handlers Diary Blog

Apple Releases OSX 10.5.6/Security update 2008-008

Published: 2008-12-15
Last Updated: 2008-12-15 18:25:13 UTC
by Toby Kohlenberg (Version: 1)
0 comment(s)

Apple has released Mac OS X 10.5.6, together with Security Update 2008-008 for 10.4.11 systems; both are now available through the Software Update app.

It patches a large number of vulnerabilities; here are just the CVEs, each with a one-line summary:

  • CVE-2008-4236 - Apple Type Services malicious PDF font DoS
  • CVE-2008-4217 - BOM CPIO archive code execution
  • CVE-2008-3623 - CoreGraphics heap overflow via malicious image
  • CVE-2008-3170 - CoreServices/Safari user credential disclosure
  • CVE-2008-4234 - CoreTypes failure of Download Validation (no warning when you launch downloaded content)
  • CVE-2008-4818 - Flash Player plug-in issues (see our earlier diary entries on the Flash Player update)
  • CVE-2008-4819 - Flash Player plug-in issues
  • CVE-2008-4820 - Flash Player plug-in issues
  • CVE-2008-4821 - Flash Player plug-in issues
  • CVE-2008-4822 - Flash Player plug-in issues
  • CVE-2008-4823 - Flash Player plug-in issues
  • CVE-2008-4824 - Flash Player plug-in issues
  • CVE-2008-4218 - Kernel integer overflow allowing local priv escalation
  • CVE-2008-4219 - Kernel - system crash when you use dynamic libraries on an NFS share
  • CVE-2008-4220 - Libsystem integer overflow in the inet_net_pton API (gives code execution)
  • CVE-2008-4221 - Libsystem "memory corruption" via the strptime API (gives code execution)
  • CVE-2008-1391 - Libsystem - a whole pile of integer overflows in the strfmon API (gives code execution)
  • CVE-2008-4237 - Managed Client doesn't apply managed screen saver settings correctly
  • CVE-2008-4222 - network_cmds - DoS via custom TCP packet when Internet Sharing is enabled
  • CVE-2008-4223 - Podcast Producer auth bypass allows a remote attacker access to the admin functions
  • CVE-2008-4224 - UDF - a specially built ISO file can cause a system crash

You can get the update via Software Update or from: http://www.apple.com/support/downloads/

The SHA-1 digests of the standalone downloads are as follows:

For Mac OS X v10.5.5
The download file is named: "MacOSXUpd10.5.6.dmg"
Its SHA-1 digest is: 684f67524a92b4314a4bdd52498fb3b6af8f9ded

For Mac OS X v10.5 - v10.5.4
The download file is named: "MacOSXUpdCombo10.5.6.dmg"
Its SHA-1 digest is: 09de4ac2c5591ab75d51ef37dc70f9e5630150d4

For Mac OS X Server v10.5.5
The download file is named: "MacOSXServerUpd10.5.6.dmg"
Its SHA-1 digest is: bd14ab94b9bcc896da1613ac761171b54286bcac

For Mac OS X Server v10.5 - v10.5.4
The download file is named: "MacOSXServerUpdCombo10.5.6.dmg"
Its SHA-1 digest is: e20d8d458be3ec51b0083ff823ce27def00dbca7

For Mac OS X v10.4.11 (Intel)
The download file is named: "SecUpd2008-008Intel.dmg"
Its SHA-1 digest is: 651e592fad1bd158a76459a81d2ebede1f3bedea

For Mac OS X v10.4.11 (PowerPC)
The download file is named: "SecUpd2008-008PPC.dmg"
Its SHA-1 digest is: 9bb2aa7fcc924715b6442e808fc778789f359906

For Mac OS X Server v10.4.11 (Universal)
The download file is named: "SecUpdSrvr2008-008Univ.dmg"
Its SHA-1 digest is: 21702064037150cdeb9d708304ee91eb254c7371

For Mac OS X Server v10.4.11 (PowerPC)
The download file is named: "SecUpdSrvr2008-008PPC.dmg"
Its SHA-1 digest is: d0e4720051ea27b8edf0ab2a124d6e9f0e16534c

We'll update this diary as we get any additional information about the update.
