Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Industry Watch

Security Update 2008-005

A patch for the rest of them.


Get It

Try It

CUPERTINO (Rixstep) -- So Apple finally patched the DNS Kaminsky hole. 'It's about time' is a recurring murmur heard loud and clear. Appropriate since it's been reported the hole has already been actively exploited.

The update also addresses the ARDAgent hole - but what a patch that became.

And Charles Srstka gets credit for 'reporting the issue' - five years ago.

ASU HT2647

The update addresses a whole slew of security holes: ARDAgent, BIND, CarbonCore, CoreGraphics, Data Detectors Engine, Disk Utility, OpenLDAP, OpenSSL, PHP, QuickLook, rsync.

The two most talked about follow.

CVE-2008-2830A design issue exists in the Open Scripting Architecture libraries when determining whether to load scripting addition plugins into applications running with elevated privileges. Sending scripting addition commands to a privileged application may allow the execution of arbitrary code with those privileges. This update addresses the issue by not loading scripting addition plugins into applications running with system privileges. The recently reported ARDAgent and SecurityAgent issues are addressed by this update. Credit to Charles Srstka for reporting this issue.
CVE-2008-1447The Berkeley Internet Name Domain (BIND) server is distributed with Mac OS X, and is not enabled by default. When enabled, the BIND server provides translation between host names and IP addresses. A weakness in the DNS protocol may allow remote attackers to perform DNS cache poisoning attacks. As a result, systems that rely on the BIND server for DNS may receive forged information. This update addresses the issue by implementing source port randomization to improve resilience against cache poisoning attacks. For Mac OS X v10.4.11 systems, BIND is updated to version 9.3.5-P1. For Mac OS X v10.5.4 systems, BIND is updated to version 9.4.2-P1. Credit to Dan Kaminsky of IOActive for reporting this issue.

When to Worry, When to Not

TidBITS published a DIY workaround for the DNS hole the other day; the one thing they seem to have missed is that patching BIND is really not a worry on most Mac installs.

When OS X Server acts as a DNS server it should definitely be worried about. It uses BIND like the rest of them to provide authoritative DNS. Lookup requests either in Server or Client are always DirectoryService on Leopard unless you invoke tools such as dig.

Tracker Report

Initial reactions to the security update indicate little loss of disk space but a whole lot (65.1 MB) patched for the number of detected flaws.

Following are excerpts from the Tracker report. [Check for '* START LOOKING HERE *' in the listing. Ed.]

 Start: Fri Aug  1 18:30:11 2008
  Stop: Fri Aug  1 18:43:38 2008
Target:
 Paths: /

Changed
-------
/Library/Preferences/DirectoryService/DSRecordTypeRestrictions.plist
/Library/Receipts/boms/com.apple.pkg.update.security.2008.005.bom
/private/etc/php.ini.default
/private/var/db/PanicReporter
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CodeResources
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/CGPSConverterSlave
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/DMProxy
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/Info-macos.plist
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCFilter.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGXCoreImage.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCMaps.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libFontStreams.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libJBIG2.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libPDFRIP.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libPSRIP.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/version.plist
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/WindowServer
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/CodeResources
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/Resources/Info.plist
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/Resources/libSTXT.dylib
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/Resources/version.plist
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CodeResources
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Resources/Info.plist
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Resources/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/QuickLook
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents/MacOS/Audio
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents/MacOS/Bookmark
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents/MacOS/Contact
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents/MacOS/Font
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents/MacOS/iCal
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents/MacOS/Mail
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents/MacOS/Movie
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents/MacOS/Package
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents/MacOS/PDF
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents/MacOS/StandardBundles
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents/MacOS/Text
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents/MacOS/Web
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents/CodeResources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents/Info.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents/MacOS/quicklookd
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents/version.plist
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/version.plist
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/CodeResources
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/Resources/Info.plist
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/Resources/version.plist
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A/CodeResources
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A/OfficeImport
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A/Resources/Info.plist
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A/Resources/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/QuickLookUI
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents/MacOS/Generic
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents/MacOS/Image
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents/MacOS/Movie
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/MacOS/Music
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/Resources/Music-Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents/MacOS/NSImage
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents/MacOS/PDF
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents/MacOS/QC
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents/MacOS/Text
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents/CodeResources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents/MacOS/Web
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents/version.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/Info.plist
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/version.plist
/usr/bin/dig <-- * START LOOKING HERE *
/usr/bin/host
/usr/bin/isc-config.sh
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/openssl
/usr/bin/php
/usr/bin/php-config
/usr/bin/rsync
/usr/lib/libcrypto.0.9.7.dylib
/usr/lib/libssl.0.9.7.dylib
/usr/lib/php/build/run-tests.php
/usr/libexec/apache2/libphp5.so
/usr/libexec/slapd
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-signzone
/usr/sbin/lwresd
/usr/sbin/named
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/rndc
/usr/sbin/rndc-confgen
/usr/share/man/man1/asn1parse.1ssl.gz
/usr/share/man/man1/ca.1ssl.gz
/usr/share/man/man1/CA.pl.1ssl.gz
/usr/share/man/man1/ciphers.1ssl.gz
/usr/share/man/man1/crl.1ssl.gz
/usr/share/man/man1/crl2pkcs7.1ssl.gz
/usr/share/man/man1/dgst.1ssl.gz
/usr/share/man/man1/dhparam.1ssl.gz
/usr/share/man/man1/dig.1.gz
/usr/share/man/man1/dsa.1ssl.gz
/usr/share/man/man1/dsaparam.1ssl.gz
/usr/share/man/man1/enc.1ssl.gz
/usr/share/man/man1/errstr.1ssl.gz
/usr/share/man/man1/gendsa.1ssl.gz
/usr/share/man/man1/genrsa.1ssl.gz
/usr/share/man/man1/host.1.gz
/usr/share/man/man1/nseq.1ssl.gz
/usr/share/man/man1/nslookup.1.gz
/usr/share/man/man1/ocsp.1ssl.gz
/usr/share/man/man1/openssl.1ssl.gz
/usr/share/man/man1/openssl_fips_fingerprint.1.gz
/usr/share/man/man1/passwd.1ssl.gz
/usr/share/man/man1/pkcs12.1ssl.gz
/usr/share/man/man1/pkcs7.1ssl.gz
/usr/share/man/man1/pkcs8.1ssl.gz
/usr/share/man/man1/rand.1ssl.gz
/usr/share/man/man1/req.1ssl.gz
/usr/share/man/man1/rsa.1ssl.gz
/usr/share/man/man1/rsautl.1ssl.gz
/usr/share/man/man1/rsync.1.gz
/usr/share/man/man1/s_client.1ssl.gz
/usr/share/man/man1/s_server.1ssl.gz
/usr/share/man/man1/s_time.1ssl.gz
/usr/share/man/man1/sess_id.1ssl.gz
/usr/share/man/man1/smime.1ssl.gz
/usr/share/man/man1/speed.1ssl.gz
/usr/share/man/man1/spkac.1ssl.gz
/usr/share/man/man1/verify.1ssl.gz
/usr/share/man/man1/version.1ssl.gz
/usr/share/man/man1/x509.1ssl.gz
/usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz
/usr/share/man/man3/ASN1_STRING_length.3ssl.gz
/usr/share/man/man3/ASN1_STRING_new.3ssl.gz
/usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz
/usr/share/man/man3/bio.3ssl.gz
/usr/share/man/man3/BIO_ctrl.3ssl.gz
/usr/share/man/man3/BIO_f_base64.3ssl.gz
/usr/share/man/man3/BIO_f_buffer.3ssl.gz
/usr/share/man/man3/BIO_f_cipher.3ssl.gz
/usr/share/man/man3/BIO_f_md.3ssl.gz
/usr/share/man/man3/BIO_f_null.3ssl.gz
/usr/share/man/man3/BIO_f_ssl.3ssl.gz
/usr/share/man/man3/BIO_find_type.3ssl.gz
/usr/share/man/man3/BIO_new.3ssl.gz
/usr/share/man/man3/BIO_push.3ssl.gz
/usr/share/man/man3/BIO_read.3ssl.gz
/usr/share/man/man3/BIO_s_accept.3ssl.gz
/usr/share/man/man3/BIO_s_bio.3ssl.gz
/usr/share/man/man3/BIO_s_connect.3ssl.gz
/usr/share/man/man3/BIO_s_fd.3ssl.gz
/usr/share/man/man3/BIO_s_file.3ssl.gz
/usr/share/man/man3/BIO_s_mem.3ssl.gz
/usr/share/man/man3/BIO_s_null.3ssl.gz
/usr/share/man/man3/BIO_s_socket.3ssl.gz
/usr/share/man/man3/BIO_set_callback.3ssl.gz
/usr/share/man/man3/BIO_should_retry.3ssl.gz
/usr/share/man/man3/blowfish.3ssl.gz
/usr/share/man/man3/bn.3ssl.gz
/usr/share/man/man3/BN_add.3ssl.gz
/usr/share/man/man3/BN_add_word.3ssl.gz
/usr/share/man/man3/BN_bn2bin.3ssl.gz
/usr/share/man/man3/BN_cmp.3ssl.gz
/usr/share/man/man3/BN_copy.3ssl.gz
/usr/share/man/man3/BN_CTX_new.3ssl.gz
/usr/share/man/man3/BN_CTX_start.3ssl.gz
/usr/share/man/man3/BN_generate_prime.3ssl.gz
/usr/share/man/man3/bn_internal.3ssl.gz
/usr/share/man/man3/BN_mod_inverse.3ssl.gz
/usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz
/usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz
/usr/share/man/man3/BN_new.3ssl.gz
/usr/share/man/man3/BN_num_bytes.3ssl.gz
/usr/share/man/man3/BN_rand.3ssl.gz
/usr/share/man/man3/BN_set_bit.3ssl.gz
/usr/share/man/man3/BN_swap.3ssl.gz
/usr/share/man/man3/BN_zero.3ssl.gz
/usr/share/man/man3/buffer.3ssl.gz
/usr/share/man/man3/CONF_modules_free.3ssl.gz
/usr/share/man/man3/CONF_modules_load_file.3ssl.gz
/usr/share/man/man3/crypto.3ssl.gz
/usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz
/usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz
/usr/share/man/man3/d2i_DHparams.3ssl.gz
/usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz
/usr/share/man/man3/d2i_PKCS8PrivateKey.3ssl.gz
/usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz
/usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz
/usr/share/man/man3/d2i_X509.3ssl.gz
/usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz
/usr/share/man/man3/d2i_X509_CRL.3ssl.gz
/usr/share/man/man3/d2i_X509_NAME.3ssl.gz
/usr/share/man/man3/d2i_X509_REQ.3ssl.gz
/usr/share/man/man3/d2i_X509_SIG.3ssl.gz
/usr/share/man/man3/des.3ssl.gz
/usr/share/man/man3/dh.3ssl.gz
/usr/share/man/man3/DH_generate_key.3ssl.gz
/usr/share/man/man3/DH_generate_parameters.3ssl.gz
/usr/share/man/man3/DH_get_ex_new_index.3ssl.gz
/usr/share/man/man3/DH_new.3ssl.gz
/usr/share/man/man3/DH_set_method.3ssl.gz
/usr/share/man/man3/DH_size.3ssl.gz
/usr/share/man/man3/dsa.3ssl.gz
/usr/share/man/man3/DSA_do_sign.3ssl.gz
/usr/share/man/man3/DSA_dup_DH.3ssl.gz
/usr/share/man/man3/DSA_generate_key.3ssl.gz
/usr/share/man/man3/DSA_generate_parameters.3ssl.gz
/usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz
/usr/share/man/man3/DSA_new.3ssl.gz
/usr/share/man/man3/DSA_set_method.3ssl.gz
/usr/share/man/man3/DSA_SIG_new.3ssl.gz
/usr/share/man/man3/DSA_sign.3ssl.gz
/usr/share/man/man3/DSA_size.3ssl.gz
/usr/share/man/man3/engine.3ssl.gz
/usr/share/man/man3/err.3ssl.gz
/usr/share/man/man3/ERR_clear_error.3ssl.gz
/usr/share/man/man3/ERR_error_string.3ssl.gz
/usr/share/man/man3/ERR_get_error.3ssl.gz
/usr/share/man/man3/ERR_GET_LIB.3ssl.gz
/usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz
/usr/share/man/man3/ERR_load_strings.3ssl.gz
/usr/share/man/man3/ERR_print_errors.3ssl.gz
/usr/share/man/man3/ERR_put_error.3ssl.gz
/usr/share/man/man3/ERR_remove_state.3ssl.gz
/usr/share/man/man3/evp.3ssl.gz
/usr/share/man/man3/EVP_BytesToKey.3ssl.gz
/usr/share/man/man3/EVP_DigestInit.3ssl.gz
/usr/share/man/man3/EVP_EncryptInit.3ssl.gz
/usr/share/man/man3/EVP_OpenInit.3ssl.gz
/usr/share/man/man3/EVP_PKEY_new.3ssl.gz
/usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz
/usr/share/man/man3/EVP_SealInit.3ssl.gz
/usr/share/man/man3/EVP_SignInit.3ssl.gz
/usr/share/man/man3/EVP_VerifyInit.3ssl.gz
/usr/share/man/man3/hmac.3ssl.gz
/usr/share/man/man3/lh_stats.3ssl.gz
/usr/share/man/man3/lhash.3ssl.gz
/usr/share/man/man3/md5.3ssl.gz
/usr/share/man/man3/mdc2.3ssl.gz
/usr/share/man/man3/OBJ_nid2obj.3ssl.gz
/usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz
/usr/share/man/man3/OPENSSL_config.3ssl.gz
/usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz
/usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz
/usr/share/man/man3/pem.3ssl.gz
/usr/share/man/man3/PKCS12_create.3ssl.gz
/usr/share/man/man3/PKCS12_parse.3ssl.gz
/usr/share/man/man3/PKCS7_decrypt.3ssl.gz
/usr/share/man/man3/PKCS7_encrypt.3ssl.gz
/usr/share/man/man3/PKCS7_sign.3ssl.gz
/usr/share/man/man3/PKCS7_verify.3ssl.gz
/usr/share/man/man3/rand.3ssl.gz
/usr/share/man/man3/RAND_add.3ssl.gz
/usr/share/man/man3/RAND_bytes.3ssl.gz
/usr/share/man/man3/RAND_cleanup.3ssl.gz
/usr/share/man/man3/RAND_egd.3ssl.gz
/usr/share/man/man3/RAND_load_file.3ssl.gz
/usr/share/man/man3/RAND_set_rand_method.3ssl.gz
/usr/share/man/man3/rc4.3ssl.gz
/usr/share/man/man3/ripemd.3ssl.gz
/usr/share/man/man3/rsa.3ssl.gz
/usr/share/man/man3/RSA_blinding_on.3ssl.gz
/usr/share/man/man3/RSA_check_key.3ssl.gz
/usr/share/man/man3/RSA_generate_key.3ssl.gz
/usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz
/usr/share/man/man3/RSA_new.3ssl.gz
/usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz
/usr/share/man/man3/RSA_print.3ssl.gz
/usr/share/man/man3/RSA_private_encrypt.3ssl.gz
/usr/share/man/man3/RSA_public_encrypt.3ssl.gz
/usr/share/man/man3/RSA_set_method.3ssl.gz
/usr/share/man/man3/RSA_sign.3ssl.gz
/usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz
/usr/share/man/man3/RSA_size.3ssl.gz
/usr/share/man/man3/sha.3ssl.gz
/usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz
/usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz
/usr/share/man/man3/ssl.3ssl.gz
/usr/share/man/man3/SSL_accept.3ssl.gz
/usr/share/man/man3/SSL_alert_type_string.3ssl.gz
/usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz
/usr/share/man/man3/SSL_clear.3ssl.gz
/usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz
/usr/share/man/man3/SSL_connect.3ssl.gz
/usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz
/usr/share/man/man3/SSL_CTX_add_session.3ssl.gz
/usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz
/usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz
/usr/share/man/man3/SSL_CTX_free.3ssl.gz
/usr/share/man/man3/SSL_CTX_get_ex_new_index.3ssl.gz
/usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz
/usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz
/usr/share/man/man3/SSL_CTX_new.3ssl.gz
/usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz
/usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz
/usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz
/usr/share/man/man3/SSL_CTX_sessions.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_options.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3ssl.gz
/usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz
/usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz
/usr/share/man/man3/SSL_do_handshake.3ssl.gz
/usr/share/man/man3/SSL_free.3ssl.gz
/usr/share/man/man3/SSL_get_ciphers.3ssl.gz
/usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz
/usr/share/man/man3/SSL_get_current_cipher.3ssl.gz
/usr/share/man/man3/SSL_get_default_timeout.3ssl.gz
/usr/share/man/man3/SSL_get_error.3ssl.gz
/usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz
/usr/share/man/man3/SSL_get_ex_new_index.3ssl.gz
/usr/share/man/man3/SSL_get_fd.3ssl.gz
/usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz
/usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz
/usr/share/man/man3/SSL_get_rbio.3ssl.gz
/usr/share/man/man3/SSL_get_session.3ssl.gz
/usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz
/usr/share/man/man3/SSL_get_verify_result.3ssl.gz
/usr/share/man/man3/SSL_get_version.3ssl.gz
/usr/share/man/man3/SSL_library_init.3ssl.gz
/usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz
/usr/share/man/man3/SSL_new.3ssl.gz
/usr/share/man/man3/SSL_pending.3ssl.gz
/usr/share/man/man3/SSL_read.3ssl.gz
/usr/share/man/man3/SSL_rstate_string.3ssl.gz
/usr/share/man/man3/SSL_SESSION_free.3ssl.gz
/usr/share/man/man3/SSL_SESSION_get_ex_new_index.3ssl.gz
/usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz
/usr/share/man/man3/SSL_session_reused.3ssl.gz
/usr/share/man/man3/SSL_set_bio.3ssl.gz
/usr/share/man/man3/SSL_set_connect_state.3ssl.gz
/usr/share/man/man3/SSL_set_fd.3ssl.gz
/usr/share/man/man3/SSL_set_session.3ssl.gz
/usr/share/man/man3/SSL_set_shutdown.3ssl.gz
/usr/share/man/man3/SSL_set_verify_result.3ssl.gz
/usr/share/man/man3/SSL_shutdown.3ssl.gz
/usr/share/man/man3/SSL_state_string.3ssl.gz
/usr/share/man/man3/SSL_want.3ssl.gz
/usr/share/man/man3/SSL_write.3ssl.gz
/usr/share/man/man3/threads.3ssl.gz
/usr/share/man/man3/ui.3ssl.gz
/usr/share/man/man3/ui_compat.3ssl.gz
/usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz
/usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz
/usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz
/usr/share/man/man3/X509_NAME_print_ex.3ssl.gz
/usr/share/man/man3/X509_new.3ssl.gz
/usr/share/man/man5/config.5ssl.gz
/usr/share/man/man5/named.conf.5.gz
/usr/share/man/man5/rndc.conf.5.gz
/usr/share/man/man5/rsyncd.conf.5.gz
/usr/share/man/man7/des_modes.7ssl.gz
/usr/share/man/man8/dnssec-keygen.8.gz
/usr/share/man/man8/dnssec-signzone.8.gz
/usr/share/man/man8/lwresd.8.gz
/usr/share/man/man8/named-checkconf.8.gz
/usr/share/man/man8/named-checkzone.8.gz
/usr/share/man/man8/named.8.gz
/usr/share/man/man8/nsupdate.8.gz
/usr/share/man/man8/rndc-confgen.8.gz
/usr/share/man/man8/rndc.8.gz

Modified
--------
/home
/Library/Caches
/Library/Caches/com.apple.LaunchServices-0230.csstore
/Library/Caches/com.apple.LaunchServices-023501.csstore
/Library/Logs
/Library/Logs/CoreRAID.log
/Library/Logs/DirectoryService
/Library/Logs/DirectoryService/DirectoryService.server.log
/Library/Logs/Software Update.log
/Library/Preferences
/Library/Preferences/.GlobalPreferences.plist
/Library/Preferences/com.apple.audio.DeviceSettings.plist
/Library/Preferences/com.apple.audio.SystemSettings.plist
/Library/Preferences/com.apple.BezelServices.plist
/Library/Preferences/com.apple.loginwindow.plist
/Library/Preferences/com.apple.SoftwareUpdate.plist
/Library/Preferences/DirectoryService
/Library/Preferences/DirectoryService/.DSIsRunning
/Library/Preferences/SystemConfiguration
/Library/Preferences/SystemConfiguration/com.apple.network.identification.plist
/Library/Receipts
/Library/Receipts/boms
/Library/Receipts/db
/Library/Receipts/db/a.receiptdb
/Library/Updates
/Library/Updates/index.plist
/net
/private/etc
/private/etc/authorization
/private/tmp
/private/tmp/launch-HR7nGT
/private/tmp/launch-HR7nGT/Listeners
/private/tmp/launch-k6yTQF
/private/tmp/launch-k6yTQF/Render
/private/tmp/launch-zMackI
/private/tmp/launch-zMackI/:0
/private/tmp/launchd-77.iWlDRh
/private/tmp/launchd-77.iWlDRh/sock
/private/var/db
/private/var/db/BootCache.playlist
/private/var/db/CodeEquivalenceDatabase
/private/var/db/dhcpclient/leases
/private/var/db/dhcpclient/leases/en0-1,0:17:f2:df:26:c0
/private/var/db/dslocal/nodes/Default/config
/private/var/db/dslocal/nodes/Default/config/SharePoints.plist
/private/var/db/dyld
/private/var/db/dyld/dyld_shared_cache_i386
/private/var/db/dyld/dyld_shared_cache_i386.map
/private/var/db/shadow/hash/1795DA9D-41B3-47A3-802F-D0C8FE9B54B0.state
/private/var/db/SystemEntropyCache
/private/var/log/alf.log
/private/var/log/appfirewall.log
/private/var/log/asl.db
/private/var/log/asl.log
/private/var/log/crashreporter.log
/private/var/log/daily.out
/private/var/log/fsck_hfs.log
/private/var/log/hdiejectd.log
/private/var/log/install.log
/private/var/log/ipfw.log
/private/var/log/lastlog
/private/var/log/lookupd.log
/private/var/log/mb.log
/private/var/log/monthly.out
/private/var/log/netinfo.log
/private/var/log/OSInstall.custom
/private/var/log/secure.log
/private/var/log/system.log
/private/var/log/weekly.out
/private/var/log/windowserver.log
/private/var/log/wtmp
/private/var/tmp
/private/var/tmp/launchd
/private/var/tmp/launchd/sock
/private/var/tmp/mds
/private/var/tmp/mds/501
/private/var/tmp/mds/501/mds.lock
/private/var/tmp/mds/501/mdsDirectory.db
/private/var/tmp/mds/501/mdsObject.db
/private/var/tmp/mds/messages
/private/var/tmp/mds/messages/se_SecurityMessages
/private/var/tmp/mds/system
/private/var/tmp/mds/system/.fl8E6EFC6C
/private/var/tmp/mds/system/.flCF600F4B
/private/var/tmp/mds/system/mds.lock
/private/var/tmp/mds/system/mdsDirectory.db
/private/var/tmp/mds/system/mdsObject.db
/private/var/vm
/private/var/vm/swapfile0
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A
/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/Resources
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Resources
/System/Library/Frameworks/QuickLook.framework/Versions/A
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Audio.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Bookmark.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Contact.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Font.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/iCal.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Mail.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Movie.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Package.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/PDF.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/StandardBundles.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Text.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/Generators/Web.qlgenerator/Contents/MacOS
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents
/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.app/Contents/MacOS
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A
/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/Resources
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A
/System/Library/PrivateFrameworks/OfficeImport.framework/Versions/A/Resources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Generic.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Image.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Movie.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Music.qldisplay/Contents/Resources
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/NSImage.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/PDF.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/QC.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Text.qldisplay/Contents/MacOS
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents
/System/Library/PrivateFrameworks/QuickLookUI.framework/Versions/A/Resources/DisplayBundles/Web.qldisplay/Contents/MacOS
/usr/bin
/usr/lib
/usr/lib/php/build
/usr/libexec
/usr/libexec/apache2
/usr/sbin
/usr/share/man/man1
/usr/share/man/man3
/usr/share/man/man5
/usr/share/man/man7
/usr/share/man/man8

ARDAgent: What a Patch

Some five years after the fact Apple finally tire of telling people 'behaves correctly' in regard to the ARDAgent hole. But the ARDAgent hole is not a programming blooper - it's a design flaw.

The assessment of Apple's 'band-aid fix' for the ARDAgent hole is left as an exercise for the reader.

$ osascript -e 'tell application "ARDAgent" to do shell script "whoami"'
<YOU>
$ cd '/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS'
$ sudo chmod 4555 ARDAgent
$ osascript -e 'tell application "ARDAgent" to do shell script "whoami"'
31:55: execution error: ARDAgent got an error:
"whoami" doesn’t understand the do shell script message. (-1708)
$ sudo chmod 0555 ARDAgent
$ osascript -e 'tell application "ARDAgent" to do shell script "whoami"'
<YOU>
$ cd '/Applications/Address Book.app/Contents/MacOS'
$ sudo chmod 4775 'Address Book'
$ osascript -e 'tell application "Address Book" to do shell script "whoami"'
35:59: execution error: Address Book got an error:
"whoami" doesn’t understand the do shell script message. (-1708)
$ sudo chmod 0775 'Address Book'
$ osascript -e 'tell application "Address Book" to do shell script "whoami"'
35:59: execution error: Address Book got an error:
"whoami" doesn’t understand the do shell script message. (-1708)
$

Still Another Hole

The system login items design flaw - it too approximately five years old - remains. Root escalation without authentication is still possible on any Apple computer.

They might have been slow with this patch but boy does it look good!
 - 'PsyQo'

See Also
Red Hat Diaries: Proactive Mac Security
Industry Watch: Huge, Crazy, Ridiculous OS X Security Hole

The Technological: Bias
Metasploit Blog: BailiWicked
Industry Watch: Hack out of the Bag
Apple: About Security Update 2008-005
Slashdot: Apple Patch Kaminsky DNS Vulnerability
Security Fix: Fortify Your Internet Security Settings Now

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.