Network Security

Network Security News Monitor - Friday, June 02, 2006 Events

 

FreeBSD SMBFS Traversal chroot Bypass

FreeBSD contains a flaw that allows a remote attacker to escape a chroot environment when the chroot is implemented over a Server Message Block File System (SMBFS). The issue is due to the SMBFS not properly sanitizing user input, specifically directory traversal style attacks (..\). This flaw may lead to a loss of integrity.. Read more.

Mac OS X Server QuickTime Server Missing Track DoS

Mac OS X contains a flaw that may allow a local denial of service. The issue is triggered when a Quicktime movie with a missing track causes a null pointer dereference, and will result in loss of availability for the Quicktime server.. Read more.

Mac OS X Server QuickTime Streaming Server RTSP Request DoS

A remote overflow exists in Mac OS X Server. The Quicktime Streaming Server fails to validate RTSP requests resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more.

Mac OS X Mail Enriched Text Color Arbitrary Class Allocation Code Execution

Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when invalid color information is included in enriched text email, which could cause the allocation and initialization of arbitrary classes. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more.

Mac OS X MySQL Manager Blank root Password

By default, MySQL Manager on Mac OS X installs with a default password, which is not changed, even if a password is entered when prompted during setup. The root account has a blank password which is publicly known and documented. This allows local attackers to trivially access the program or system.. Read more.

Mac OS X Safari Archive Expansion Symbolic Link Target Execution

Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when an archive file is downloaded with Safari's "Open `safe' files after downloading" option is enabled, and the archive contains a symbolic link, and the target of the symbolic link may be moved to the user's desktop and launched. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more.

Mac OS X CFStringGetFileSystemRepresentation Integer Underflow

An local underflow exists in Mac OS X. The CFStringGetFileSystemRepresentation API fails to validate unspecified input resulting in an integer underflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more.

Mac OS X ImageIO JPEG Metadata Overflow

A local overflow exists in Max OS X. ImageIO fails to validate JPEG image files resulting in a heap overflow. With a specially crafted file with malformed JPEG metadata, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more.

Mac OS X Internet Location Spoofing Arbitrary Code Execution

Mac OS X contains a flaw that may allow a malicious user to spoof the true nature of an Internet Location item. The issue is triggered when an Internet Location file contains a different type of URL than the Internet Location type. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more.