Mac OS X v10.6.5: Multiple Vulnerabilities

Users of Mac OS X v10.6.5 please be advised of Multiple Vulnerabilities that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

APPLE-SA-2010-11-10-1: [APPLE-SA-2010-11-10-1] Mac OS X v10.6.5 and Security Update 2010-007

Impact: A remote attacker may cause AFP Server to unexpectedly shutdown Description: A null pointer dereference exists in AFP Server's handling of reconnect authentication packets. A remote attacker may cause AFP Server to unexpectedly shutdown. Mac OS X automatically restarts AFP Server after a shutdown. This issue is addressed through improved validation of reconnect packets. Credit: Apple.

Impact: An authenticated user may cause arbitrary code execution Description: A directory traversal issue exists in AFP Server, which may allow an authenticated user to create files outside of a share with the permissions of the user. With a system configuration where users are permitted file sharing access only, this may lead to arbitrary code execution. This issue is addressed through improved path validation. Credit: Apple. Read more at www.criticalwatch.com

 

See this Amp at http://bit.ly/9M9mle