Attention Apple users with OS X -
05.05.2004, 10:27
OS X Security Patch Corrects Remote Root Vulnerability
Severity: Medium
4 May, 2004
Summary:
This week, Apple released two security patches to fix various security flaws found in software that ships with OS X 10.2.8 (Jaguar) and 10.3.3 (Panther). The flaws affect applications ranging from AppleFileServer to Apache 2, the worst allowing a remote attacker to gain total control of your OS X machine. If you use Apple OS X, OS X Server 10.2.8, or OS X Server 10.3.3, you should download, test and deploy the corresponding security patches as soon as possible.
Exposure:
In a post to their security update page, Apple released a security update for OS X 10.3.3 and another for 10.2.8. Both updates fix security issues found in various packages OS X utilizes. Apple describes the patch for the most serious of these flaws as a fix to "improve the handling of long passwords." Third party sources clarify that this actually fixes a vulnerability that could allow a remote hacker to gain root -- that is, absolute control of your OS X machine. You'll find more details on these flaws below:
A Buffer Overflow in AppleFileServer (CAN-2004-0430) allows remote hackers to gain root privileges on your OS X machine by sending a specially-crafted, overly-long login. For more details see @stake's alert.
A Denial of Service vulnerability in Apache 2 (CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174) that allows hackers to crash your OS X Web server. A second Apache 2 vulnerability also allows hackers to corrupt your logs.
A Denial of Service and Man-in-the-Middle vulnerability in IPSec (CAN-2004-0155 and CAN-2004-0403) that allows hackers to crash IPSec or make unauthorized IPSec connections.
An unspecified flaw in CoreFoundation (CAN-2004-0428). Apple doesn't supply any details concerning this flaw.
An unspecified flaw in RAdmin (CAN-2004-0429). Apple doesn't supply any details concerning this flaw.
Solution Path:
Apple has released separate patches for OS X or OS X Server 10.3.3 and 10.2.8. You should download, test, and deploy these patches to the corresponding OS X machines during your next maintenance cycle:
Security Update for OS X 10.3.3 (Panther)
Security Update for OS X Server 10.3.3 (Panther)
Security Update for OS X 10.2.8 (Jaguar)
Security Update for OS X Server 10.2.8 (Jaguar)

Greez
Trainer
Of all the things I have lost, I miss my mind the most. (Ozzy Osbourne)
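The advisory above only says the AppleFileServer fix "improves the handling of long passwords". The following is an added illustration of what that class of bug looks like in C; it is not Apple's AppleFileServer code, not @stake's proof of concept, and not a description of the real packet format. It assumes a hypothetical login field encoded as a one-byte length followed by that many bytes, a hypothetical 8-byte password buffer (PASSWORD_MAX), and constructed sample packets built inline. The unsafe parser trusts the length byte from the wire; the hardened one checks it against both the packet and the destination buffer before copying.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size password buffer; real servers use other sizes. */
#define PASSWORD_MAX 8

struct login {
    char user[32];
    char password[PASSWORD_MAX + 1];   /* +1 for the terminating NUL */
};

/* Vulnerable shape of a "long password" bug (illustration only):
 * the length byte comes straight from the network and is never compared
 * with sizeof(out->password), so a 200-byte field overruns the buffer
 * into whatever is adjacent in memory.  Do not call this on untrusted
 * input; it exists here only to show the defect next to the fix. */
int parse_login_unsafe(const uint8_t *pkt, size_t len, struct login *out)
{
    if (len < 1)
        return -1;
    size_t n = pkt[0];
    memcpy(out->password, pkt + 1, n);   /* no bound on n */
    out->password[n] = '\0';
    return 0;
}

/* Hardened parser: the length is validated against the bytes actually
 * received and against the destination buffer before any copy happens. */
int parse_login_safe(const uint8_t *pkt, size_t len, struct login *out)
{
    if (len < 1)
        return -1;                       /* no length byte at all */
    size_t n = pkt[0];
    if (n > len - 1)
        return -2;                       /* field runs past the packet */
    if (n > PASSWORD_MAX)
        return -3;                       /* field longer than the buffer */
    memcpy(out->password, pkt + 1, n);
    out->password[n] = '\0';
    return 0;
}

/* Constructed sample packets (not captured traffic), one per case. */
int demo_normal_login(void)
{
    const uint8_t pkt[] = { 6, 's', 'e', 'c', 'r', 'e', 't' };
    struct login l;
    memset(&l, 0, sizeof l);
    if (parse_login_safe(pkt, sizeof pkt, &l) != 0)
        return -1;
    return strcmp(l.password, "secret") == 0 ? 0 : -1;
}

int demo_long_password(void)
{
    uint8_t pkt[1 + 200];               /* 200-byte password, far over PASSWORD_MAX */
    struct login l;
    pkt[0] = 200;
    memset(pkt + 1, 'A', 200);
    memset(&l, 0, sizeof l);
    return parse_login_safe(pkt, sizeof pkt, &l);   /* rejected with -3 */
}

int demo_truncated_packet(void)
{
    const uint8_t pkt[] = { 10, 'a', 'b', 'c' };   /* claims 10 bytes, carries 3 */
    struct login l;
    memset(&l, 0, sizeof l);
    return parse_login_safe(pkt, sizeof pkt, &l);   /* rejected with -2 */
}

int main(void)
{
    printf("normal login:     %d\n", demo_normal_login());
    printf("long password:    %d\n", demo_long_password());
    printf("truncated packet: %d\n", demo_truncated_packet());
    return 0;
}
```

The two checks in parse_login_safe are independent and both matter: the first prevents reading past the end of what was received, the second prevents writing past the end of the buffer, and a "long password" fix of the kind the advisory describes is essentially adding the second one wherever it was missing.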