ID

VAR-200511-0171

CVE

CVE-2005-2752

TITLE

Apple Mac OS X Kernel Unknown Information Disclosure Vulnerability

DESCRIPTION

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. Apple has released Security Update 2005-10-31 to address multiple Mac OS X local vulnerabilities. The following vulnerabilities were addressed by the security update: - A misleading file ownership display, resulting in a false sense of security. - A software update failure, potentially resulting in a failure to install critical security fixes. - A group membership alteration issue, potentially resulting in unauthorized access due to a delayed changes to group membership. - An information disclosure issue with Keychain, potentially allowing unauthorized users to view already displayed plaintext passwords after the Keychain has automatically locked due to a timeout. - Multiple information disclosure issues in the kernel, potentially allowing local users to gain access to sensitive information, aiding them in further attacks. These vulnerabilities will be separated into individual BIDs upon further analysis of the issues. This update addresses the issue by synchronizing the displayed ownership with the actual ownership in all situations. This issue does not affect systems prior to Mac OS X v10.4. If all applicable updates have been marked in this way, Software Update will exit without providing an an opportunity to reset the status of these updates so that they may be installed. This update addresses the issue by asking whether the ignored updates list should be reset when this situation is encountered. This issue does not affect systems prior to Mac OS X v10.4. This may result in an authenticated user being able to access files or other resources even after they have been removed from a group. This issue does not affect systems prior to Mac OS X v10.4. Keychain CVE-ID: CVE-2005-2739 Available for: Mac OS X v10.4.2, Mac OS X Server v10.4.2 Impact: Keychain Access will continue displaying plaintext passwords after lock timeout Description: Keychain Access is a utility distributed with Mac OS X that is used to view keychain items and change keychain settings. If a keychain automatically locks due to a timeout while viewing a password stored inside it, that password will remain visible. This update patches Keychain Access so that passwords are hidden when keychains lock. This issue does not affect systems prior to Mac OS X v10.4. Credit to Eric Hall of DarkArt Consulting Services for reporting this issue. These issues affect Mac OS X v10.4.2 and earlier. Credit to Ilja van Sprundel and Neil Archibald of Suresec LTD, and Colin Percival of the FreeBSD team for reporting these issues. This is caused due to the password display not being hidden after timeout. An issue in the Software Update and another in the displaying of file and group permissions in the Finder Get Info Window have also been fixed. ORIGINAL ADVISORY: http://docs.info.apple.com/article.html?artnum=302763 OTHER REFERENCES: SA14959: http://secunia.com/advisories/14959/ SA15262: http://secunia.com/advisories/15262/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

information disclosure

EXTERNAL IDS

REFERENCES

CREDITS

Eric HallIlja van Sprundel ilja@suresec.org

SOURCES

LAST UPDATE DATE

2024-08-14T13:40:12.305000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE