SecurityTracker.com
SecurityTracker Archives

Category: OS (UNIX) > Apple macOS/OS X
Vendors: Apple
Apple macOS/OS X Multiple Flaws Let Remote and Local Users Bypass Security and Deny Service, Local Users Obtain Potentially Sensitive Information, and Applications Gain Elevated Privileges
SecurityTracker Alert ID:  1039427
SecurityTracker URL:  http://securitytracker.com/id/1039427
CVE Reference:   CVE-2016-9042, CVE-2016-9063, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-0381, CVE-2017-1000373, CVE-2017-10989, CVE-2017-11103, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-7074, CVE-2017-7077, CVE-2017-7078, CVE-2017-7080, CVE-2017-7082, CVE-2017-7083, CVE-2017-7084, CVE-2017-7086, CVE-2017-7114, CVE-2017-7119, CVE-2017-7127, CVE-2017-7128, CVE-2017-7129, CVE-2017-7130, CVE-2017-7138, CVE-2017-7141, CVE-2017-7143, CVE-2017-7144, CVE-2017-9233
Date:  Sep 25 2017
Impact:   Denial of service via local system, Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Root access via local system, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.13
Description:   Multiple vulnerabilities were reported in Apple macOS/OS X. A remote or local user can cause denial of service conditions on the target system. An application can execute arbitrary code with elevated privileges. A local user can obtain potentially sensitive information from system memory. A local user can obtain elevated privileges on the target system. A remote or local user can bypass security restrictions on the target system.

The system may not properly enforce a firewall setting for a previously denied application [CVE-2017-7084].

An application can trigger a memory handling error in the AppSandbox component to cause denial of service conditions [CVE-2017-7074].

A local user may unknowingly send a password unencrypted over the network due to a flaw in the Captive Network Assistant component [CVE-2017-7143].

A remote user in a privileged network position can trigger a memory handling error in the CFNetwork Proxies component to cause denial of service conditions [CVE-2017-7083].

An application can trigger an out-of-bounds memory read error in the CoreAudio component to read restricted memory [CVE-2017-0381].

A local user can trigger an access control flaw in the Directory Utility component to determine the Apple ID of the owner of the target system [CVE-2017-7138].

The Heimdal Kerberos client in the system uses the plain text service name carried in the ticket portion of a KDC-REP, which is encrypted for the service rather than for the client and so is not authenticated to the client, instead of the service name in the encrypted part that is keyed to the client. A remote user who can conduct a man-in-the-middle attack and holds the key of some other service can rewrite that plain text name and bypass Kerberos mutual authentication [CVE-2017-11103].
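The KDC-REP handling described above, as an added, simplified model that is not Heimdal or Apple code: the principal names, keys and the HMAC-based stand-in for Kerberos encryption are assumptions made for the example. A KDC-REP carries a ticket whose outer service name (sname) is readable by anyone on the wire and whose body is keyed to the service, plus an enc-part keyed to the client. Only the sname inside the enc-part is authenticated to the client. The model shows a pre-fix client that trusts the ticket's outer name being redirected by an on-path attacker who holds a key for a service of their own, and a fixed client that uses the authenticated name and so refuses the same reply.

```python
"""
Simplified model of the KDC-REP service-name check behind CVE-2017-11103.

Added, hypothetical model, not Heimdal or Apple code. Kerberos EncryptedData
is modelled as JSON plus an HMAC under the relevant key: for this bug only
the authenticity of each field matters, not its confidentiality.
"""
import hashlib
import hmac
import json
import secrets


def seal(key: bytes, fields: dict) -> dict:
    """Model of an EncryptedData blob: payload plus a MAC under `key`."""
    payload = json.dumps(fields, sort_keys=True).encode()
    mac = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.hex(), "mac": mac}


def open_sealed(key: bytes, blob: dict) -> dict:
    """Verify the MAC under `key`, then return the fields; raise on tampering."""
    payload = bytes.fromhex(blob["payload"])
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, blob["mac"]):
        raise ValueError("enc-part integrity check failed")
    return json.loads(payload)


def kdc_issue(client_key: bytes, service_key: bytes, cname: str, sname: str) -> dict:
    """Model KDC reply: a ticket keyed to the service, an enc-part keyed to the client."""
    session_key = secrets.token_hex(16)
    ticket = {
        "sname": sname,  # plain text outer field; the client cannot verify it
        "enc_part": seal(service_key, {"cname": cname, "session_key": session_key}),
    }
    enc_part = seal(client_key, {"sname": sname, "session_key": session_key})
    return {"cname": cname, "ticket": ticket, "enc_part": enc_part}


def vulnerable_service_name(rep: dict, client_key: bytes) -> str:
    """Pre-fix behaviour: decrypt the enc-part but trust the ticket's outer sname."""
    open_sealed(client_key, rep["enc_part"])
    return rep["ticket"]["sname"]


def fixed_service_name(rep: dict, client_key: bytes) -> str:
    """Fixed behaviour: only the sname under the client's own key is authoritative."""
    return open_sealed(client_key, rep["enc_part"])["sname"]


def client_accepts(rep: dict, client_key: bytes, requested_sname: str, get_name) -> bool:
    """Mutual-auth decision: does the reply name the service the client asked for?"""
    return get_name(rep, client_key) == requested_sname


def mitm_rewrite(rep: dict, new_sname: str) -> dict:
    """On-path attacker rewrites only the plain text outer sname of the ticket."""
    forged = json.loads(json.dumps(rep))  # deep copy of the wire message
    forged["ticket"]["sname"] = new_sname
    return forged


def demo() -> dict:
    """Constructed scenario: attacker controls host/evil and MITMs the client."""
    client_key = secrets.token_bytes(32)
    attacker_service_key = secrets.token_bytes(32)
    requested = "host/fileserver.example.com"
    # A genuine reply for a ticket to the attacker-controlled service ...
    rep = kdc_issue(client_key, attacker_service_key, "alice@EXAMPLE.COM", "host/evil.example.com")
    # ... relabelled on the wire as a ticket for the service the client wanted.
    forged = mitm_rewrite(rep, requested)
    return {
        "vulnerable_accepts": client_accepts(forged, client_key, requested, vulnerable_service_name),
        "fixed_accepts": client_accepts(forged, client_key, requested, fixed_service_name),
    }


def enc_part_tamper_detected() -> bool:
    """The attacker cannot instead rewrite the enc-part: it is keyed to the client."""
    client_key = secrets.token_bytes(32)
    rep = kdc_issue(client_key, secrets.token_bytes(32), "alice@EXAMPLE.COM", "host/evil.example.com")
    forged = json.loads(json.dumps(rep))
    fields = json.loads(bytes.fromhex(forged["enc_part"]["payload"]))
    fields["sname"] = "host/fileserver.example.com"
    forged["enc_part"]["payload"] = json.dumps(fields, sort_keys=True).encode().hex()
    try:
        fixed_service_name(forged, client_key)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(demo(), "enc-part tamper detected:", enc_part_tamper_detected())
```

The vulnerable client ends up presenting, to the attacker's "fileserver", a ticket the attacker can decrypt with their own service key, so mutual authentication completes and the client believes it reached the real service. The fixed client compares the requested name against the one the KDC sealed under the client's key, and the forged reply fails that comparison.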

An application can trigger a memory corruption error in the IOFireWireFamily component to execute arbitrary code with system privileges [CVE-2017-7077].

An application can trigger an input validation flaw in the IOFireWireFamily component to read restricted memory [CVE-2017-7119].

An application can trigger a memory corruption error in the kernel component to execute arbitrary code with kernel privileges [CVE-2017-7114].

A remote user can trigger a resource exhaustion flaw in the glob() function of the libc component to consume excessive system resources and cause denial of service conditions [CVE-2017-7086].

The system does not properly enforce the "Load remote content in messages" settings. A remote user sending email to the target user can determine the target user's IP address [CVE-2017-7141].

A remote user in a privileged network position can obtain the contents of mail drafts [CVE-2017-7078].

A physically local user can view Application Firewall prompts when the Screen Lock is engaged [CVE-2017-7082].

A certificate validation error may occur in the Security component, causing a revoked certificate to be trusted [CVE-2017-7080].

Unspecified flaws may exist in the SQLite component [CVE-2017-10989, CVE-2017-7128, CVE-2017-7129, CVE-2017-7130].

An application can trigger a memory corruption error in the SQLite component to execute arbitrary code with system privileges [CVE-2017-7127].

A remote user can exploit a cookie permissions flaw to track users in Safari private browsing mode [CVE-2017-7144].

Abhinav Bansal of Zscaler Inc., Alex Plaskett of MWR InfoSecurity, Brandon Azad, Cure53, Daniel Jalkut of Red Sweater Software, Jeffrey Altman, Viktor Duchovni, Nico Williams, Matthew Van Gundy of Cisco, Russ Cox of Google, Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of Baerum kommune, an anonymous researcher, Tim Kingman, V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro, Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc., and Benjamin Gnahm (@mitp0sh) of PDX reported these vulnerabilities.

Impact:   A remote or local user can cause denial of service conditions on the target system.

A local user can obtain elevated privileges on the target system.

A local user can obtain potentially sensitive information on the target system.

A remote or local user can bypass security controls on the target system.

An application can execute arbitrary code with elevated privileges.

Solution:   The vendor has issued a fix (10.13).

The vendor advisory is available at:

https://support.apple.com/en-us/HT208144

Vendor URL:  support.apple.com/en-us/HT208144
Cause:   Access control error, Input validation error, Resource error

Message History:   None.


Copyright 2018, SecurityGlobal.net LLC