Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > July 2005 > Apple - Two Security Announcements

July 2005

Apple - Two Security Announcements

ID: 00576
Ref: 535/05
Date: 13 July 2005:13:20:12
Version: 1
Title: Apple - Two Security Announcements
Abstract: 1. Darwin Streaming Server 5.5.1 [APPLE-SA-2005-07-12], 2. Mac OS X v10.4.2 [APPLE-SA-2005-07-12]
Vendors affected: Apple
Operating systems affected: Apple
Applications affected: Apple

Title
=====

Apple - Two Security Announcements:
1. Darwin Streaming Server 5.5.1 [APPLE-SA-2005-07-12]
2. Mac OS X v10.4.2 [APPLE-SA-2005-07-12]


Detail
======

Security announcement summaries:

1. Version 5.5 of the Windows 2000/2003 Server distribution of
this package is vulnerable to a denial of service attack when
handling certain web requests. Version 5.5.1 addresses the problem
by adding extra checks before opening files. Other distributions of
this package, including Mac OS X and Linux, are not vulnerable to the
attack.

2. Dashboard is distributed with Apple-supplied widgets, and users have
the ability to add new ones. It is possible for a user to install a new
widget with the same internal identifier as an Apple-supplied widget. If
this occurs, the newly-installed widget will run in the place of the system
widget. It may not be clear to users that they are running a widget that
they installed as opposed to the Apple-supplied one.


Security announcement content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-12 Darwin Streaming Server 5.5.1

The open source Darwin Streaming Server project has been updated to
provide the following security enhancement:

Darwin Streaming Server 5.5.1
Available for: Microsoft Windows 2000/2003 Server
CVE-ID: CAN-2005-2195
Impact: Remote attackers can hang the Web Admin application in
Darwin Streaming Server for Windows 2000/2003 Server
Description: Darwin Streaming Server is distributed with a web-based
admin application that allows it to be configured through a web
browser. Version 5.5 of the Windows 2000/2003 Server distribution of
this package is vulnerable to a denial of service attack when
handling certain web requests. Version 5.5.1 addresses the problem
by adding extra checks before opening files. Other distributions of
this package, including Mac OS X and Linux, are not vulnerable to the
attack. Credit to Sowhat of ITS Security Team for reporting this
issue.

Information on Darwin Streaming Server is available at:
http://developer.apple.com/darwin/projects/streaming/

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQtRdzoHaV5ucd/HdAQJyugf+PpXLWzzoaaRsepjk3S9TlLjrRYRW3PyS
E0PnAUb69zeIS0DtKFAKMyvu2JHckvQUg0pbSQdCpcNihtrwFjq/DyphWWlOYeZ9
Und1Gw+TTDXNJ7OqEL2URj1lSGG2ZCFmy6SlXdiufERLTBsLQc7whoHM+AcscWCk
Hj21ysMkyejkG+mMRN3cHiWngNdNvXigyH0pE8WARYRBxdIB6COo4C14CwO2ukso
hOF0DsoLiArMYAFliWdDSwkvMpQggE9olhdLvYlba+gnobhXroT1dU88G/DQ+Hsk
KmHgWerTYJ9B2uB3dC290LQUWuiInuAP448aW7odfgYEPkFcJAsccQ==
=K8RY
- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-07-12 Mac OS X v10.4.2

Mac OS X v10.4.2 is now available and delivers the following security
enhancements:

Dashboard
CVE-ID: CAN-2005-1333
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Users may install widgets that override Apple supplied
widgets
Description: Dashboard is distributed with Apple-supplied widgets,
and users have the ability to add new ones. It is possible for a
user to install a new widget with the same internal identifier as an
Apple-supplied widget. If this occurs, the newly-installed widget
will run in the place of the system widget. It may not be clear to
users that they are running a widget that they installed as opposed
to the Apple-supplied one. This update addresses the problem by
alerting users if they try to install widgets that would cause this
sort of conflict. This issue does not affect previous releases of
Mac OS X.

TCP/IP
CVE-ID: CAN-2005-2194
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: A specifically crafted TCP/IP packet can cause a denial of
service
Description: A specifically crafted TCP/IP packet can cause the
kernel to panic due to a null pointer dereference and require a
reboot. Multiple conditions are required to trigger this problem.
The common practice of filtering source-routed and loose
source-routed packets on network infrastructure, ingress routers and
firewalls can prevent systems from being affected. This issue does
not affect previous releases of Mac OS X. Credit to Julian Y. Koh
and colleagues of Northwestern University for reporting this issue.

Mac OS X v10.4.2 may be obtained from the Software Update pane in
System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.4.1
The download file is named: "MacOSXUpdate10.4.2.dmg"
Its SHA-1 digest is: 5a11375c29f1f656061189b9467cf9291153de46

For Mac OS X v10.4
The download file is named: "MacOSXUpdateCombo10.4.2.dmg"
Its SHA-1 digest is: 5149def0b79f030bdb2763283c376e4d87d085e9

For Mac OS X Server v10.4.1
The download file is named: "MacOSXServerUpdate10.4.2.dmg"
Its SHA-1 digest is: c8fc07538b1ed558fc1daf221803c47ab6b1b56a

For Mac OS X Server v10.4
The download file is named: "MacOSXSrvrUpdCombo10.4.2.dmg"
Its SHA-1 digest is: 4eaf9dedb18e21ac6282d5af8419a5ca7a562e5e

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQtQ1ZYHaV5ucd/HdAQLOfAgAhE0YDld/7Ku/pHkNiHe7WWUJ8L5vdy7m
Af17RLbA44s3Ei75OsyobPYadItRCv9DUla6VWMo65r5qCjk0AYL5c3kB+q+nd5O
VYONW6tFxwgu18e5ectbzR3yYZKnkyY7OMIt1XAq1u1hdujZ0m2/EoCpRX0cv43C
Tqdklhtbt18G8VbuCfP/niB6TtMh5x2yEDoAn3m4P9vh9dR2aNfIZFpsM8MXKiwM
IdM4exoPfrJdS78NQMmPHAqtacw/sEGoRB7Won47qVPQNKkRS7dSOc3aYIjOO/os
WjVKtRYKidKmFaHRybpuGmMb2WOTvHrjLggCuO90i06OatDKRh17IA==
=p0Xk
- -----END PGP SIGNATURE-----



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |