May 25 2007

Apple security update fixes iChat issue

Posted by: Adina in Software



Apple security update fixes iChat issue

Bugs that could allows users to cause a denial of service or arbitrary code execution in iChat where fixed this week because Apple released Security Update 2007-005.

Apple’s iChat application was found to have a buffer overflow vulnerability in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings. An attacker on the local network could trigger the overflow and cause an unexpected application termination or arbitrary code execution, as well as a denial of service.ichat

Like the iChat issue, an attacker on the local network could trigger the overflow and cause an unexpected application termination or arbitrary code execution, as well as a denial of service.
Separate problems with vpnd and the ppp daemon have been addressed that allowed a local user to obtain system privileges, as well as denial of service vulnerabilities in the Ruby CGI library.

Other changes in the underpinnings of the operating system have addressed as well, including issues with BIND, CoreGraphics, crontabs, fetchmail, texinfo and others.
The update is available from Mac OS X’s built-in software update mechanism.

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • TwitThis
  • Reddit
  • del.icio.us
  • StumbleUpon
  • Mixx

Comments

(required)

(will not be published/required)

(required)