SecurityTracker.com
Category:   Application (File Transfer/Sharing)  >   Nfs
Vendors:   Apple
Apple Mac OS X NFS Ktrace Logging Flaw Lets Local Users Deny Service
SecurityTracker Alert ID:  1010329
SecurityTracker URL:  http://securitytracker.com/id/1010329
CVE Reference:   CVE-2004-0513
Updated:  Jun 3 2004
Original Entry Date:  May 29 2004
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in Apple Mac OS X in the NFS implementation. A local user can cause denial of service conditions.

Apple reported that there is an issue in NFS logging when tracing system calls. No further information was provided by Apple.

The vendor credits David Brown <dave@spoonguard.org> with reporting this issue.

David Brown reported that a local user can mount or access an NFS volume that has '+rx' permissions, change the working directory to the mount point, and then create a ktrace loop by running `ktrace ktrace ls` to cause the system to become mostly unresponsive.

Impact:   A local user can cause the system to become generally unavailable.
Solution:   Apple has released a fix as part of Mac OS X 10.3.4, available at:

* Software Update pane in System Preferences

* Apple's Software Downloads web site:

Updating from Mac OS X 10.3.3

http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXUpdate10.3.4.dmg"
Its SHA-1 digest is: dd2e1576cfd2792f0c012d552d41556192ce7415

Updating from Mac OS X 10.3 - 10.3.2

http://www.apple.com/support/downloads/macosxcombined1034update.html
The download file is named: "MacOSXUpdateCombo10.3.4.dmg"
Its SHA-1 digest is: 061a2560cdd239e8d60e36678a3ea31d1aef5534

Updating from Mac OS X Server 10.3.3

http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXServerUpdate10.3.4.dmg"
Its SHA-1 digest is: c9d04735eb1b381fe8786cc1424fa734abb28c32

Updating from Mac OS X Server 10.3 - 10.3.2

http://www.apple.com/support/downloads/macosxcombinedserver1034update.html
The download file is named: "MacOSXSrvrUpdCombo10.3.4.dmg"
Its SHA-1 digest is: 2579754ab996c4e070bd3bd7c3789792754e6adc

Vendor URL:  docs.info.apple.com/article.html?artnum=61798
Cause:   State error
Underlying OS:  UNIX (macOS/OS X)
Underlying OS Comments:  Prior to 10.3.4

Message History:   None.
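
The SHA-1 digests listed under Solution can be checked against a downloaded update before it is installed. The following Python code is an added example, not part of the SecurityTracker entry or Apple's advisory; it parses the "download file is named" / "SHA-1 digest is" pairs in the advisory's own wording and rejects any file whose name is not listed or whose digest differs. The function names are this example's own.

```python
import hashlib
import hmac
import os
import re
import sys

# Two of the four name/digest pairs, copied from the advisory text on this page.
ADVISORY_TEXT = '''
The download file is named: "MacOSXUpdate10.3.4.dmg"
Its SHA-1 digest is: dd2e1576cfd2792f0c012d552d41556192ce7415

The download file is named: "MacOSXUpdateCombo10.3.4.dmg"
Its SHA-1 digest is: 061a2560cdd239e8d60e36678a3ea31d1aef5534
'''

_PAIR = re.compile(
    r'The download file is named:\s*"([^"]+)"\s*'
    r'Its SHA-1 digest is:\s*([0-9a-fA-F]{40})\b'
)

def parse_digests(text):
    """Return {file name: lowercase SHA-1 hex} for each name/digest pair."""
    return {name: digest.lower() for name, digest in _PAIR.findall(text)}

def sha1_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large disk image is not read into memory."""
    h = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_download(path, name, published):
    """True only if `name` is listed and the file's digest matches it."""
    expected = published.get(name)
    if expected is None:
        return False  # an unlisted file name is treated as a failure
    return hmac.compare_digest(sha1_of(path), expected)

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: verify.py <downloaded .dmg>")
    published = parse_digests(ADVISORY_TEXT)
    name = os.path.basename(sys.argv[1])
    ok = verify_download(sys.argv[1], name, published)
    print(name, "digest matches" if ok else "MISMATCH or not listed")
```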


 Source Message Contents

Subject:  APPLE-SA-2004-05-28 Mac OS X 10.3.4


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2004-05-28 Mac OS X Update 10.3.4

Mac OS X Update 10.3.4 is now available and contains security
enhancements for the following:

NFS: Improves logging when tracing system calls.  Credit to David
Brown <dave@spoonguard.org> for reporting this issue.

LoginWindow: Improves the handling of directory services lookups and
console log files.  Credit to aaron@vtty.com for reporting the issue.

Packaging: Improves package installation.  Credit to aaron@vtty.com
for reporting the issue.

TCP/IP: provides better handling of out-of-sequence TCP packets.

AppleFileServer: Improves the use of SSH and reporting errors.

Terminal: Improves the handling of URLs.  Credit to Rene Puls
<rpuls@gmx.net> for reporting this issue.

Note:  CVE Candidate IDs will be published to the Security Updates
page when available:
http://docs.info.apple.com/article.html?artnum=61798

================================================

Mac OS X 10.3.4 may be obtained from:

* Software Update pane in System Preferences

* Apple's Software Downloads web site:

Updating from Mac OS X 10.3.3
=============================
http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXUpdate10.3.4.dmg"
Its SHA-1 digest is: dd2e1576cfd2792f0c012d552d41556192ce7415

Updating from Mac OS X 10.3 - 10.3.2
====================================
http://www.apple.com/support/downloads/macosxcombined1034update.html
The download file is named: "MacOSXUpdateCombo10.3.4.dmg"
Its SHA-1 digest is: 061a2560cdd239e8d60e36678a3ea31d1aef5534

Updating from Mac OS X Server 10.3.3
====================================
http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXServerUpdate10.3.4.dmg"
Its SHA-1 digest is: c9d04735eb1b381fe8786cc1424fa734abb28c32

Updating from Mac OS X Server 10.3 - 10.3.2
===========================================
http://www.apple.com/support/downloads/macosxcombinedserver1034update.html
The download file is named: "MacOSXSrvrUpdCombo10.3.4.dmg"
Its SHA-1 digest is: 2579754ab996c4e070bd3bd7c3789792754e6adc

Information will also be posted to the Apple Product Security web
site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

-----END PGP SIGNATURE-----