Neil Archibald

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X version 10.4.7 **Description** The issue is related to an improperly handled condition in the dynamic linker, which can lead to the use of dangerous paths, likely due to an untrusted search path vulnerability. This allows local users to execute arbitrary code. **Recommendations** For Apple Mac OS X version 10.4.7, consider applying security patches or updates to fix the dynamic linker issue, as no specific workaround is provided for this version.

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X version 10.3.9 **Description** The issue affects the dynamic linker in Apple Mac OS X, allowing local users to obtain sensitive information. This is achieved through unspecified dynamic linker options that impact how standard error (stderr) is used by privileged applications. **Recommendations** For Apple Mac OS X version 10.3.9, consider restricting access to the dynamic linker options to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions 10.4 through 10.4.5 **Description** A heap-based buffer overflow issue in LibSystem allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. **Recommendations** For Mac OS X versions 10.4 through 10.4.5, update to a version later than 10.4.5 to resolve the issue.

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.

**Name of the Vulnerable Software and Affected Versions** Mac OS X version 10.4.2 **Description** A issue in Directory Services allows local users to add or remove user accounts. **Recommendations** For Mac OS X version 10.4.2, update to a newer version to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X versions 10.4.x up to 10.4.1 launchd version 106 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. **Recommendations** For Apple Mac OS X versions 10.4.x up to 10.4.1, consider updating to a newer version to mitigate the risk. For launchd version 106, update to a newer version to resolve the issue.

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 4.x through 4.11 FreeBSD versions 5.x through 5.4 Description: The issue is related to the kernel in FreeBSD not properly clearing certain fixed-length buffers when copying variable-length data for use by applications. This could allow applications to read previously used sensitive memory. Recommendations: For versions 4.x through 4.11, update to a version that properly clears fixed-length buffers. For versions 5.x through 5.4, update to a version that properly clears fixed-length buffers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 4.x through 4.11 FreeBSD versions 5.x through 5.4 **Description** The issue is related to the SIOCGIFCONF ioctl, specifically the ifconf function, which does not properly clear a buffer before using it. This allows local users to obtain portions of sensitive kernel memory. **Recommendations** For FreeBSD versions 4.x through 4.11, update to a version outside of this range to resolve the issue. For FreeBSD versions 5.x through 5.4, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the ifconf function until a patch is available.