• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: RETIRED: Apple Mac OS X 2008-008 Multiple Security Vulnerabilities

Severity: CRITICAL

Description:

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-008.

The security update addresses a total of 10 new vulnerabilities that affect the Apple Type Services, BOM, kernel, Libsystem, Managed Client, natd, and Podcast Producer components of Mac OS X. The advisory also contains security updates for 10 previously reported issues.

This BID is being retired. The following individual records have been created to better document the issues:

32870 Apple Podcast Producer Authentication-Bypass Vulnerability
32872 Apple Mac OS X UDF ISO File Handling Denial of Service Vulnerability
32873 Apple Mac OS X NFS Mounted Executable Exception Remote Denial of Service Vulnerability
32874 Apple Mac OS X 'natd' Remote Denial of Service Vulnerability
32875 Apple Mac OS X Type Services PDF File Remote Denial of Service Vulnerability
32876 Apple Mac OS X BOM CPIO Header Stack Buffer Overflow Vulnerability
32877 Apple Mac OS X 'inet_net_pton' API Integer Overflow Vulnerability
32879 Apple Mac OS X 'i386_set_ldt' and '1386_get_ldt' Multiple Integer Overflow Vulnerabilities
32880 Apple Mac OS X Managed Client Screen Saver Lock Bypass Vulnerability
32881 Apple Mac OS X 'strptime' API Memory Corruption Vulnerability

Affected Products:

• Apple Mac OS X 10.4.0
• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.10
• Apple Mac OS X 10.4.11
• Apple Mac OS X 10.4.11
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X 10.4.8
• Apple Mac OS X 10.4.9
• Apple Mac OS X 10.5
• Apple Mac OS X 10.5.1
• Apple Mac OS X 10.5.2
• Apple Mac OS X 10.5.3
• Apple Mac OS X 10.5.4
• Apple Mac OS X 10.5.5
• Apple Mac OS X Server 10.4.0
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.10
• Apple Mac OS X Server 10.4.11
• Apple Mac OS X Server 10.4.11
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Apple Mac OS X Server 10.4.8
• Apple Mac OS X Server 10.4.9
• Apple Mac OS X Server 10.5
• Apple Mac OS X Server 10.5.1
• Apple Mac OS X Server 10.5.2
• Apple Mac OS X Server 10.5.3
• Apple Mac OS X Server 10.5.4
• Apple Mac OS X Server 10.5.5

References:

• Apple: About the security content of Security Update 2008-008 / Mac OS X v10.5.6
• Apple: Mac OS X Home Page

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.