-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2004-09-30 Security Update 2004-09-30

Security Update 2004-09-30 is now available and delivers the following
security enhancements:

AFP Server
Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5
CVE-ID: CAN-2004-0921
Impact: A denial of service permitting a guest to disconnect AFP volumes
Description: An AFP volume mounted by a guest could be used to terminate
authenticated user mounts from the same server by modifying SessionDestroy
packets. This issue does not affect systems prior to Mac OS X v10.3 or
Mac OS X Server v10.3.

AFP Server
Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5
CVE-ID: CAN-2004-0922
Impact: Write-only AFP Drop Box may be set as read-write
Description: A write-only Drop Box on an AFP volume mounted by a guest could
sometimes be read-write due to an incorrect setting of the guest group ID.
This issue does not affect systems prior to Mac OS X v10.3 or
Mac OS X Server v10.3.

CUPS
Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8,
Mac OS X Server v10.2.8
CVE-ID: CAN-2004-0558
Impact: A denial of service causing the printing system to hang
Description: The Internet Printing Protocol (IPP) implementation in CUPS can
hang when a certain UDP packet is sent to the IPP port.

CUPS
Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8,
Mac OS X Server v10.2.8
CVE-ID: CAN-2004-0923
Impact: Local disclosure of user passwords
Description: Certain methods of authenticated remote printing could write
user passwords into the printing system's log files, where a local user could
read them. Credit to Gary Smith of the IT Services department at Glasgow
Caledonian University for reporting this issue.
NetInfo Manager
Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5
CVE-ID: CAN-2004-0924
Impact: Incorrect indication of account status
Description: The NetInfo Manager utility can enable the "root" account, but
after a single "root" login it is no longer possible to use NetInfo Manager
to disable the account, and the account incorrectly appears to be disabled.
This issue does not affect systems prior to Mac OS X v10.3 or
Mac OS X Server v10.3.

postfix
Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5
CVE-ID: CAN-2004-0925
Impact: A denial of service when SMTPD AUTH has been enabled
Description: When SMTPD AUTH has been enabled in postfix, a buffer containing
the username is not correctly cleared between authentication attempts. Only
users with the longest usernames will be able to authenticate. This issue
does not affect systems prior to Mac OS X v10.3 or Mac OS X Server v10.3.
Credit to Michael Rondinelli of EyeSee360 for reporting this issue.

QuickTime
Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8,
Mac OS X Server v10.2.8
CVE-ID: CAN-2004-0926
Impact: A heap buffer overflow could allow attackers to execute arbitrary code
Description: Flaws in decoding the BMP image type could overwrite heap memory
and potentially allow the execution of arbitrary code hidden in an image.

ServerAdmin
Available for: Mac OS X Server v10.3.5 and Mac OS X Server v10.2.8
CVE-ID: CAN-2004-0927
Impact: Client-server communication with ServerAdmin can be read by decoding
captured sessions
Description: Client-server communication with ServerAdmin uses SSL. All
systems come installed with the same example self-signed certificate. If that
certificate has not been replaced, then ServerAdmin communication may be
decrypted by anyone holding that shared certificate's private key. The fix
replaces the existing self-signed certificate with one that has been locally
and uniquely generated.

================================================
The title of this security update does not match today's date.
Parts of Cupertino and nearby cities experienced a power blackout late last
week, which affected the actual release date.
================================================

Security Update 2004-09-30 may be obtained from the Software Update pane in
System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.3.5 and Mac OS X Server v10.3.5
================================================
The download file is named: "SecUpd2004-09-30Pan.dmg"
Its SHA-1 digest is: 1660042cecdfca15866cc3a7be06c69ee52d68a3

For Mac OS X v10.2.8 and Mac OS X Server v10.2.8
================================================
The download file is named: "SecUpd2004-09-30Jag.dmg"
Its SHA-1 digest is: 6db70c5b76d386776f491dca52fabdc02c8284e1

Information will also be posted to the Apple Product Security web site:
http://www.apple.com/support/security/security_updates.html

This message is signed with Apple's Product Security PGP key, and details
are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQWG0OJyw5owIz4TQAQIL0Af+Imy6bB1sAngh3LYt2YE8N/ibWh5sMwda
4PpBqJL8WY4UEV3jP6UOzEH1QYMAGF7/NbXKuyVrXEo5cQdEtVLYuhGwwvuSHlM+
FtYRoD2Nx/1/+4+uOWWMeWvr45PJheCLhw0KlQ+98DETmBFyNkJFwZXTXCSRK0tz
I52ZZTMFHIDVSJ32+way32MFLVSinEDsnFUG2TNohJBLGX1INJHZTvHbs/gtN8b+
cHFypqXKtLpFlScim5QWx4QPnenfLko3IrsqcWDPUjJ7w9EVVTkMldHKFbjbR8vQ
0aws7V3kDcbeFTVlTigjzA3FGh+XjM6L6ea91duDNRT1hwAiZ8qMiA==
=Ml2L
-----END PGP SIGNATURE-----
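The postfix entry above (CAN-2004-0925) describes a username buffer that is not cleared between SMTP AUTH attempts, with the symptom that only users with the longest usernames can authenticate. The following C program is an illustrative model added here to show why that symptom follows from the bug; it is not Postfix source, and the buffer size, the constructed user table and the function names are assumptions made for the example. It puts the vulnerable copy-without-clear beside the corrected variant and runs the same sequence of login attempts through both.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative model (added here, not Postfix source) of the failure mode
 * CAN-2004-0925 describes: a username buffer that survives between SMTP AUTH
 * attempts in a long-running daemon and is not cleared. Buffer size, user
 * table and function names are assumptions made for the example. */

#define NAME_BUF 32

/* Constructed account table for the example. */
static const char *const KNOWN_USERS[] = { "alexander", "bob", "christina", NULL };

static int lookup(const char *name)
{
    for (const char *const *u = KNOWN_USERS; *u; u++)
        if (strcmp(name, *u) == 0)
            return 1;
    return 0;
}

/* Scratch buffers that persist for the life of the daemon, one per variant.
 * Static storage starts zeroed, and index NAME_BUF-1 is never written, so
 * both buffers always stay NUL-terminated. */
static char vuln_namebuf[NAME_BUF];
static char fixed_namebuf[NAME_BUF];

/* Vulnerable variant: copies only the bytes of the new name and neither
 * clears the buffer nor writes a terminator, so the tail of an earlier,
 * longer name survives and is compared along with the new one
 * ("bob" after "alexander" is looked up as "bobxander"). */
int vuln_authenticate(const char *name)
{
    size_t n = strlen(name);
    if (n >= NAME_BUF)
        return 0;
    memcpy(vuln_namebuf, name, n);       /* stale bytes beyond n remain */
    return lookup(vuln_namebuf);
}

/* Corrected variant: clear the whole buffer before each attempt and always
 * terminate, so the comparison sees exactly the name that was supplied. */
int fixed_authenticate(const char *name)
{
    size_t n = strlen(name);
    if (n >= NAME_BUF)
        return 0;
    memset(fixed_namebuf, 0, sizeof fixed_namebuf);
    memcpy(fixed_namebuf, name, n);
    fixed_namebuf[n] = '\0';
    return lookup(fixed_namebuf);
}

/* Return both buffers to the freshly started state (daemon restart). */
void reset_state(void)
{
    memset(vuln_namebuf, 0, sizeof vuln_namebuf);
    memset(fixed_namebuf, 0, sizeof fixed_namebuf);
}

int main(void)
{
    /* Constructed sequence of attempts against one long-running process. */
    const char *attempts[] = { "alexander", "bob", "christina", "bob" };
    for (size_t i = 0; i < sizeof attempts / sizeof *attempts; i++)
        printf("%-10s vulnerable=%d fixed=%d\n", attempts[i],
               vuln_authenticate(attempts[i]), fixed_authenticate(attempts[i]));
    return 0;
}
```

Run as is, the vulnerable variant accepts "alexander" and "christina" but rejects "bob" once a longer name has passed through the buffer, which is exactly the "only the longest usernames" behaviour the advisory reports; the fixed variant accepts all three. The clear-then-copy-then-terminate pattern is the general remedy for any per-connection scratch buffer reused across requests.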
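The QuickTime entry above (CAN-2004-0926) says only that flaws in BMP decoding could overwrite heap memory. The advisory does not give the specific flaw, so the C program below is an added example of the generic defence, not QuickTime's code: it validates the attacker-controlled width, height and bit-depth fields of a BMP header before any heap size is derived from them, and shows beside it the unchecked 32-bit multiplication that a naive decoder would use. Field offsets follow the standard BITMAPFILEHEADER plus BITMAPINFOHEADER layout; the allocation cap, the struct and function names, and the constructed sample files are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example, not QuickTime code: validating the size fields of a BMP
 * header before deriving a heap allocation from them. Offsets follow the
 * standard 14-byte BITMAPFILEHEADER + 40-byte BITMAPINFOHEADER; the cap,
 * struct and function names are assumptions made for this example. */

#define BMP_HDR_LEN         54u
#define BMP_MAX_PIXEL_BYTES (1u << 28)   /* assumed 256 MiB allocation cap */

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

typedef struct { uint32_t width, height, bpp, stride, pixel_bytes, data_off; } bmp_info;

/* The unchecked arithmetic a naive decoder might use to size its buffer:
 * 32-bit width * height * bytes-per-pixel silently wraps, so a header for
 * a 65536 x 65536 x 32-bit image asks for a 0-byte allocation. */
uint32_t bmp_naive_size(uint32_t w, uint32_t h, uint32_t bpp)
{
    return w * h * (bpp / 8);
}

/* Returns 0 and fills *out when the header is internally consistent and the
 * pixel data it describes is fully present in the file; a negative code
 * otherwise. Never allocates, so a rejected file cannot touch the heap. */
int bmp_validate(const uint8_t *buf, size_t len, bmp_info *out)
{
    if (len < BMP_HDR_LEN || buf[0] != 'B' || buf[1] != 'M') return -1;
    uint32_t data_off = rd32(buf + 10);
    uint32_t hdr_size = rd32(buf + 14);
    int32_t  w   = (int32_t)rd32(buf + 18);
    int32_t  h   = (int32_t)rd32(buf + 22);      /* negative = top-down rows */
    uint16_t bpp = rd16(buf + 28);
    if (hdr_size < 40) return -2;
    if (rd32(buf + 30) != 0) return -3;          /* only BI_RGB handled here */
    if (w <= 0 || h == 0 || h == INT32_MIN) return -4;
    if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 24 && bpp != 32) return -5;
    uint32_t uw = (uint32_t)w, uh = (uint32_t)(h < 0 ? -h : h);
    /* Row stride is the bit width rounded up to a 4-byte boundary; do the
     * arithmetic in 64 bits so no intermediate can wrap. */
    uint64_t stride = (((uint64_t)uw * bpp + 31) / 32) * 4;
    uint64_t total  = stride * uh;
    if (total > BMP_MAX_PIXEL_BYTES) return -6;
    if ((uint64_t)data_off < 14 + (uint64_t)hdr_size || data_off > len) return -7;
    if (total > len - data_off) return -8;       /* header promises more than the file holds */
    if (out) {
        out->width = uw; out->height = uh; out->bpp = bpp; out->stride = (uint32_t)stride;
        out->pixel_bytes = (uint32_t)total; out->data_off = data_off;
    }
    return 0;
}

/* Build a constructed BI_RGB BMP into out (capacity cap): a header claiming
 * w x h at bpp bits, followed by pixel_bytes bytes of zeroed pixel data.
 * Returns bytes written, or 0 if out is too small. */
size_t build_bmp(uint8_t *out, size_t cap, int32_t w, int32_t h, uint16_t bpp, size_t pixel_bytes)
{
    if (cap < BMP_HDR_LEN + pixel_bytes) return 0;
    memset(out, 0, BMP_HDR_LEN + pixel_bytes);
    out[0] = 'B'; out[1] = 'M';
    wr32(out + 2, (uint32_t)(BMP_HDR_LEN + pixel_bytes));   /* file size */
    wr32(out + 10, BMP_HDR_LEN);                            /* pixel data offset */
    wr32(out + 14, 40);                                     /* info header size */
    wr32(out + 18, (uint32_t)w);
    wr32(out + 22, (uint32_t)h);
    out[26] = 1;                                            /* colour planes */
    out[28] = (uint8_t)bpp; out[29] = (uint8_t)(bpp >> 8);
    wr32(out + 34, (uint32_t)pixel_bytes);                  /* biSizeImage */
    return BMP_HDR_LEN + pixel_bytes;
}

int main(void)
{
    uint8_t buf[256]; bmp_info info; size_t n;

    n = build_bmp(buf, sizeof buf, 2, 2, 24, 16);            /* honest 2x2 image */
    printf("2x2x24: rc=%d stride=%u bytes=%u\n", bmp_validate(buf, n, &info), info.stride, info.pixel_bytes);

    n = build_bmp(buf, sizeof buf, 65536, 65536, 32, 0);     /* 32-bit product wraps to 0 */
    printf("65536^2x32: naive=%u rc=%d\n", bmp_naive_size(65536, 65536, 32), bmp_validate(buf, n, &info));

    n = build_bmp(buf, sizeof buf, 100, 100, 24, 16);        /* claims 30000 pixel bytes, ships 16 */
    printf("100x100x24 truncated: rc=%d\n", bmp_validate(buf, n, &info));
    return 0;
}
```

The two rejected files are the ones a decoder must never allocate for: the first would make a 32-bit size computation wrap to zero and then let the row copy loop write past a tiny heap block, the second would make a decoder that trusts the header read or copy far beyond the bytes it actually received. Checking all of width, height, depth, stride, total and file length in wider arithmetic before any allocation is the pattern to apply to every dimension-carrying image header, not just BMP.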