SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
Category:   OS (Mac)  >   Apple File Protocol (AFP)
Vendors:   Apple Computer
Mac OS X Apple File Protocol (AFP) Access Control Bug Lets Administrators Login Under Other User Identities
SecurityTracker Alert ID:  1006107
SecurityTracker URL:  http://securitytracker.com/id/1006107
CVE Reference:   CVE-2003-0049
Updated:  Jun 13 2008
Original Entry Date:  Feb 15 2003
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Mac OS X 10.2.3 and prior versions
Description:   An access control issue was reported in the Mac OS X Apple File Protocol (AFP) server. A remote system administrator who authenticates with their own admin password can open an AFP session under another user's identity.

According to the vendor advisory, an administrator could always log in to the AFP server as any user by supplying the admin password instead of that user's password, so the session is attributed to the impersonated user rather than to the administrator. No further details were provided.

Impact:   A remote authenticated system administrator could log in under a different user's identity.
Solution:   The vendor has released a fixed version (10.2.4). The administrator log-in-as-user behaviour is no longer always enabled; it is now optional (configurable). The update is available from:

* Software Update pane in System Preferences

- OR -

* Apple's Software Downloads web site:

If updating from Mac OS X 10.2.3:

http://www.info.apple.com/kbnum/n70167

The download file is named: "MacOSXUpdate10.2.4.dmg"
Its SHA-1 digest is: a54695d21f1162bd453d2f9a3b02176cae8c8777

If updating from Mac OS X 10.2, 10.2.1, or 10.2.2:

http://www.info.apple.com/kbnum/n70168

The download file is named: "MacOSX10.2.4Combined.dmg"
Its SHA-1 digest is: 0b377141c1cd11d303a72ce3fac5170d2e02cf3b
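
The advisory publishes a SHA-1 digest for each image; the script below checks a downloaded file against the published value before it is mounted. It is an added example, not part of the original advisory or of Apple's update tooling; it assumes a POSIX shell with sha1sum, shasum or openssl available, and the file hashed in its demo is constructed inline (the real images are the two .dmg files named above).

```shell
#!/bin/sh
# Added example (not from the original advisory): verify a downloaded
# update image against the SHA-1 digest published in the advisory.
# The file hashed in demo() is constructed here; the real images are
# MacOSXUpdate10.2.4.dmg and MacOSX10.2.4Combined.dmg.

# Print the SHA-1 hex digest of a file, using whichever tool exists.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 1 "$1" | cut -d' ' -f1
    else
        # openssl prints "SHA1(file)= <hex>"; keep only the hex part.
        openssl dgst -sha1 "$1" | sed 's/^.*= *//'
    fi
}

# verify_sha1 FILE EXPECTED_HEX: return 0 if the digest matches, 1 otherwise.
# The expected value is lower-cased so a digest copied in upper case still matches.
verify_sha1() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    actual=$(sha1_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches $expected"
        return 0
    fi
    echo "MISMATCH: $file has $actual, expected $expected; do not install it" >&2
    return 1
}

# Digests published in the advisory, keyed by image name.
expected_digest() {
    case $1 in
        MacOSXUpdate10.2.4.dmg)   echo a54695d21f1162bd453d2f9a3b02176cae8c8777 ;;
        MacOSX10.2.4Combined.dmg) echo 0b377141c1cd11d303a72ce3fac5170d2e02cf3b ;;
        *) return 1 ;;
    esac
}

# Demo on a constructed file: SHA-1("abc") is a well-known test vector.
demo() {
    tmp=${TMPDIR:-/tmp}/afp-sha1-demo.$$
    printf 'abc' > "$tmp"
    verify_sha1 "$tmp" a9993e364706816aba3e25717850c26c9cd0d89d
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Against the real download, run `verify_sha1 MacOSXUpdate10.2.4.dmg "$(expected_digest MacOSXUpdate10.2.4.dmg)"`; a non-zero exit means the image does not match the published digest and should not be mounted.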

Vendor URL:  docs.info.apple.com/article.html?artnum=61798
Cause:   Access control error
Underlying OS:   UNIX (OS X)

Message History:   None.


 Source Message Contents

Date:  Fri, 14 Feb 2003 11:27:02 -0800
Subject:  APPLE-SA-2003-02-14 Mac OS X 10.2.4 client


-----BEGIN PGP SIGNED MESSAGE-----

APPLE-SA-2003-02-14 Mac OS X 10.2.4 client

Mac OS X 10.2.4 client Software Update is now available.  It contains fixes for the following potential security issues:

* Sendmail:  Fixes CAN-2002-0906 Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, could permit a denial of service attack and possibly allow execution of arbitrary code.  Mac OS X 10.2.4 contains Sendmail 8.12.6 with the SMRSH fix applied to also address CAN-2002-1165.

* AFP:  Fixes CAN-2003-0049 "AFP login permissions for the system administrator".  Provides an option whereby a system administrator may or may not be allowed to log in as a user, authenticating via their admin password.  Previously, administrators could always log in as a user, authenticating via their own admin password.

* Classic:  Fixes CAN-2003-0088, where an attacker may change an environment variable to create arbitrary files or overwrite existing files, which could lead to obtaining elevated privileges.  Credit to Dave G. from @stake, Inc. for discovering this issue.

* Samba: Previous releases of Mac OS X are not vulnerable to CAN-2002-1318, an issue in Samba's length checking for encrypted password changes.  Mac OS X currently uses Directory Services for authentication, and does not call the vulnerable Samba function. However, to prevent a potential future exploit via this function, the patch from Samba 2.2.7 was applied although the version of Samba was not changed for this update release.  Further information is available from: http://samba.org/samba/whatsnew/samba-2.2.7.html

Mac OS X 10.2.4 client Software Update may be obtained from:

    * Software Update pane in System Preferences

    - OR -

    * Apple's Software Downloads web site:

      Updating from Mac OS X 10.2.3:
         http://www.info.apple.com/kbnum/n70167
      The download file is named: "MacOSXUpdate10.2.4.dmg"
      Its SHA-1 digest is: a54695d21f1162bd453d2f9a3b02176cae8c8777

      Updating from Mac OS X 10.2, 10.2.1, or 10.2.2:
         http://www.info.apple.com/kbnum/n70168
      The download file is named:  "MacOSX10.2.4Combined.dmg"
      Its SHA-1 digest is: 0b377141c1cd11d303a72ce3fac5170d2e02cf3b


Information is also posted to the Apple Support web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.3

iQEVAwUBPk1CwyFlYNdE6F9oAQH+Jgf/dB72A3cb+cz2It8jKRR2vrx/WLqeWjMG
DF7757xPTfDLG1oc4Nqd1lGdcoI19rhYyY86avnr6yykIr+gFz27Yujz48fgvIdL
OMBD66wV+Ohq5jwB19baJu3pq+TCDlsRg//bhKsvE7izdtahlXdIDnSYJDUUb0Nl
yMtu6jyoHPcxJAUUVEgG4vYuiVKnD4ZGGkKoS4tPNe2BAz0kw7lrr70edEGn/EA2
ZWl+LQ7AFBnxCm2NAeJ3BA+SyjrPw3/atNLaJCfQTi+UoA3OT/EET/PcMNosQaMG
7pYbachVjVHext8B9GmAy02NyoKjV/sFn0AVjV2w0NgJp9YW/sBBzw==
=gmkJ
-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | security-announce@lists.apple.com
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.


 
 



Copyright 2014, SecurityGlobal.net LLC