Advertisement
Home arrow ITsec Advisories arrow APPLE-SA-2006-11-16 Apple Remote Desktop 3.1
Saturday, 22 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  8778  71.58%
Win 2003  1950  15.90%
Win 2000  722  5.89%
Solaris 9/10  402  3.28%
FreeBSD  226  1.84%
Other  185  1.51%

Total attacks: 12263 of which 4619 single ip and 7644 mass defacements

Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
Visitors' Map
APPLE-SA-2006-11-16 Apple Remote Desktop 3.1 PDF Print E-mail
User Rating: / 2
PoorBest 
Written by Marcelo Almeida (Vympel)   
Friday, 17 November 2006

APPLE-SA-2006-11-16 Apple Remote Desktop 3.1

 

Apple Remote Desktop 3.1 is now available. Along with functionality
improvements (see release notes), it also fixes the following
security issue:

 

Apple Remote Desktop
CVE-ID: CVE-2006-4413
Available for: Apple Remote Desktop 3.0
Impact: Malicious local users may be able to modify packages used to install or upgrade client systems
Description: Apple Remote Desktop includes built-in packages used to install and upgrade client systems. The permissions on these packages could allow them to be altered by malicious local users on Apple Remote Desktop admin systems. This could lead to the execution of arbitrary commands with root privileges on client systems when Apple Remote Desktop client software is
installed or upgraded...

This issue has been addressed by applying more restrictive permissions on the built-in installation
packages. Credit to Andrew Mortensen of the University of Michigan for reporting this issue.

Apple Remote Desktop 3.1 may be obtained from:
http://www.apple.com/support/downloads/

For Apple Remote Desktop Client
The download file is named: "RemoteDesktopClient.dmg"
Its SHA-1 digest is: 5747716690703dc6655a2882ebba77424c661650

For Apple Remote Desktop Admin
The download file is named: "RemoteDesktopAdmin310.dmg"
Its SHA-1 digest is: b86f7fb03253c70e3cf33f6ce6c8c1491daae0a7

Information will also be posted to the Apple Product Security
web site: http://docs.info.apple.com/article.html?artnum=61798

Original article


Comments Index (Total Messages: 0)


Post Reply
Name:Guest
Title:
Comment:



Enter this security word

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!