Apple has reported multiple previously known and newly discovered security vulnerabilities in Mac OS X (Client and Server). The individual security issues include: Improved notification logging (CAN-2004-0168). Undisclosed DiskArbitration security improvements for handling writeable removable media (CAN-2004-0167). Undisclosed IPSec key exchange issue (CAN-2004-0164). pppd daemon format string vulnerability described in BID 9730(Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability) (CAN-2004-0165). Unspecified security vulnerability (CAN-2004-0089) in QuickTime Streaming Server that is related to handling of request data. URI display issue (CAN-2004-0166) in the Safari web browser. Finally 3 vulnerabilities in tcpdump. These issues are described in BID 9507(TCPDump ISAKMP Decoding Routines Denial Of Service Vulnerability), BID 7090(TCPDump Malformed RADIUS Packet Denial Of Service Vulnerability) and BID 9423(TCPDump ISAKMP Decoding Routines Multiple Remote Buffer...
Apple has reported multiple previously known and newly discovered security vulnerabilities in Mac OS X (Client and Server). The individual security issues include: Improved notification logging (CAN-2004-0168). Undisclosed DiskArbitration security improvements for handling writeable removable media (CAN-2004-0167). Undisclosed IPSec key exchange issue (CAN-2004-0164). pppd daemon format string vulnerability described in BID 9730(Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability) (CAN-2004-0165). Unspecified security vulnerability (CAN-2004-0089) in QuickTime Streaming Server that is related to handling of request data. URI display issue (CAN-2004-0166) in the Safari web browser. Finally 3 vulnerabilities in tcpdump. These issues are described in BID 9507(TCPDump ISAKMP Decoding Routines Denial Of Service Vulnerability), BID 7090(TCPDump Malformed RADIUS Packet Denial Of Service Vulnerability) and BID 9423(TCPDump ISAKMP Decoding Routines Multiple Remote Buffer Overflow Vulnerabilities). These issues are currently undergoing further analysis. Where it is appropriate, each individual issue will be assigned a unique BID and any existing BIDs will be updated accordingly to reflect the release of this Security Update.
