There was a new vulnerability released on Friday that covers multiple issues with Mac.
From Secunia:
Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.1) Alias Manager does not display identically-named files contained in identically-named mounted disk images. This can be exploited by malicious people to execute a malicious application by tricking a user into mounting two identically-named disk images.
2) Some errors in BIND can be exploited by malicious people to cause a DoS (Denial of Service).
3) An integer overflow error in CoreGraphics when processing a PDF file can be exploited by malicious people to execute arbitrary code.
This does not affect systems prior to Mac OS X v10.4.
4) An error in crontabs may cause a DoS when filesystems mounted in /tmp gets deleted when the daily cleanup script is executed.
5) An error within the APOP implementation of fetchmail may be exploited by malicious people to disclose a user’s password.
6) An integer underflow error within file’s “file_printf” function can be exploited by malicious people to cause a heap-based buffer overflow.
7) An error in iChat’s UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) module can be exploited by malicious people to cause a buffer overflow by sending a specially crafted packet to the application.
8) An error in mDNSResponder’s UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) module can be exploited by malicious people to cause a buffer overflow by sending a specially crafted packet to the application.
This does not affect systems prior to Mac OS X v10.4.
9) Insufficient access validation in pppd when processing the “plugin” command line option can be exploited by malicious, local users to load arbitrary plugins and gain escalated privileges.
This does not affect systems prior to Mac OS X v10.4.
10) Two vulnerabilities in ruby can be exploited by malicious people to cause a DoS.
11) Errors in screen can be exploited by malicious people to cause a DoS or potentially compromise a vulnerable system.
12) An error in texinfo can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
For more information see vulnerability #1 in:
SA1681613) A format string error in vpnd can be exploited by malicious, local users to gain escalated privileges by running vpnd with specially crafted arguments.
And the patches are available. Here is the writeup from the update.
Security Update 2007-005 is recommended for all users and improves the security of the following components:
bind
CarbonCore
CoreGraphics
crontabs
fetchmail
file
iChat
mDNSResponder
PPP
ruby
screen
texinfo
VPNSecurity Update 2007-004 has been incorporated into this security update.
For detailed information on this update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798
[tags]Apple, Apple Security Patch, 2007-005[/tags]