Zero-Day Flaw Gets Patched

By Sean Michael Kerner (Send Email)
Posted Mar 3, 2006


Apple's Zero day flaw is no more. Finally, Apple addressed a week-old issue and 19 others hanging around.

Apple Security Update 2006-001 fixes the week old issue that US-CERT tagged with a Cyber Security Alert.

It also addresses 19 other issues in OS X, including improving security against worms which have just recently begun to slither through Apple's core.

The zero-day issue involved how OS X 10.4.5 handles ZIP archives in the Safari Web browser. Arbitrary commands could have potentially been executed automatically via Safari from a malicious site.

Though the issue remained open for more than a week, there was simple workaround provided early on that involved disabling automatic file opening on downloads in Safari, or simply using another browser.

Apple's security update also revealed a number of other significant flaws in Safari the patch fixes.

CVE-ID: CVE-2006-0390/CVE-2005-4504 fixes a heap-based buffer overflow condition in WebKit that could have potentially allowed an attack to execute arbitrary code when a user visits a maliciously crafted Web page.

CVE-ID: CVE-2006-0387 also could have allowed arbitrary code execution from a maliciously crafted Web page, in this instance as the result of JavaScript that could trigger a stack buffer overflow.

The fix for CVE-ID: CVE-2006-0388 prevents cross-domain HTTP redirects, which could have allowed a Web site to redirect to local resources and enable a JavaScript to run on a user's local domain.

CVE-ID: CVE-2006-0389 could have allowed Safari's RSS  model to run JavaScript embedded in a feed, which could have allowed code to run outside of Safari's security constraints.

The update also provides additional protections against worms such as Leap.A, which have recently begun to target Apple Mac users via the iChat instant messaging application.

The update now includes something called "Download Validation," which is supposed to warn users of potentially unsafe file types during transfers.

Other issues addressed in the Apple security update include fixes for perl, rsync, mail, IPsec, apache_mod_php, automount, FileVault, Directory Services and Mail. The potential impacts range from denial of service to arbitrary code execution.

This article was originally published on internetnews.com.

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.