Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

APPLE-SA-2013-10-22-7 Apple Remote Desktop 3.7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2013-10-22-7 Apple Remote Desktop 3.7

Subject: APPLE-SA-2013-10-22-7 Apple Remote Desktop 3.7
From: Apple Product Security <email@hidden>
Date: Tue, 22 Oct 2013 19:37:58 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-10-22-7 Apple Remote Desktop 3.7

Apple Remote Desktop 3.7 is now available and addresses the
following:

Apple Remote Desktop
Available for:  Apple Remote Desktop 3.0 or later
Impact:  A warning about use of VNC without encryption may not appear
Description:  If a third-party VNC server reported certain
authentication types, Remote Desktop may have used password
authentication but not warned that the connection would be
unencrypted. This issue was addressed through improved handling of
authentication types.
CVE-ID
CVE-2013-5136 : Mark S. C. Smith studying at Central Connecticut
State University

Apple Remote Desktop
Available for:  Apple Remote Desktop 3.0 or later
Impact:  A remote attacker may be able to cause arbitrary code
execution
Description:  A format string vulnerability existed in Remote
Desktop's handling of the VNC username.
CVE-ID
CVE-2013-5135 : SilentSignal working with iDefense VCP


Apple Remote Desktop 3.7 may be obtained from the Software Update
pane, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

The download file is named:  "RemoteDesktopClient3.7.dmg"
Its SHA-1 digest is: dc93c3f62309898e317fe0704ca737ad066f3d91

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJSZwkfAAoJEPefwLHPlZEwLV0P+wdDkqd15gqcFf04hj460JBA
VCLPDI1LBN7y9pS/zhORXswveiLtsW/pOjVhO5cFLo7UNbHLwMnvdLU8YeL/bw4E
RBrMDx3DuOMioV/ygVqYq62bQLIDezcIQCDh8zC0gZLvw+KHsNHUGvzpNYROODq7
1IzQ5Mm3e5Gms1o2qNv465PIUZ/8T5JIycUsCvKXLIuNMSaueaAJxjmyBo4fHg8w
XrUdJ3Ql/hdJR7ehDKeKOG87eIpL/eOebb/8HIDzCAXOSraIAEDvEzkgUy4l5zmX
4Mr7W9k9Pe0qy90wk6fDZisamEOpjTPGkPzDVx7iEazbcr5uJ0rDWSlghkr6HiRj
dmTN2MyMJ4OYHB+0uGbypGFEORREJURgqT3THqtwJKRgjHBp7lIPZ0omGi9S3sHd
nPC+uWo46f+F6SU04iXjwL8qzApre5nbR+2UqCYOzlg/43B+hVXCEXIk8+f/RFg/
Uj7m6Jna7pxlXpsnDz8JddanRKEjtqcTLZBpS7L+1Ev4vIpXsdgumkQxnH9E71iv
sd/UrFo4VsQVouOPU8kx/Di1BB7hsYqFG5piVU98biG1ReT5zQ7Sy2I35J6wue7m
ND+U153bFvVKVtQ8cQyF+zDaac/vzTTZELkP2JNZbF+ftBsLv6yXx9GONw6oO8df
SQTqByKplLvQSckJQRV1
=qWJj
-----END PGP SIGNATURE-----

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Prev by Date: APPLE-SA-2013-10-22-6 Apple Remote Desktop 3.5.4
Next by Date: APPLE-SA-2013-10-22-8 iTunes 11.1.2
Previous by thread: APPLE-SA-2013-10-22-6 Apple Remote Desktop 3.5.4
Next by thread: APPLE-SA-2013-10-22-8 iTunes 11.1.2
Index(es):
- Date
- Thread