According to Secure Resumption, the triple-handshake issue can be described like this: “If a TLS client connects to a malicious server and presents a client credential, the server can then impersonate the client at any other server that accepts the same credential. Concretely, the malicious server performs a man-in-the-middle attack on three successive handshakes between the honest client and server, and succeeds in impersonating the client on the third handshake.”
The result, of course, is that the attacker gains complete access to the server as that client.
To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection.
Another flaw in iOS and OS X would allow an attacker in a privileged network position to obtain website credentials. It allowed Set-Cookie HTTP headers to be processed even if the connection closed before the header line was complete.
“An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie,” Apple said in its advisory. “This issue was addressed by ignoring incomplete HTTP header lines.”
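To make the cookie flaw concrete, here is an added illustration (constructed for this article, not Apple's code or the actual Secure Transport/Foundation parser) of the difference between a client that processes a Set-Cookie line the connection closed in the middle of and one that applies the fix Apple describes, ignoring any header line that never received its CRLF terminator. The response bytes are constructed; the `Secure` and `HttpOnly` attributes are the "security settings" the advisory refers to.

```python
"""Truncated Set-Cookie headers: vulnerable vs. fixed parsing.

Constructed example, not Apple's code. A server sends
    Set-Cookie: session=abc123; Secure; HttpOnly
but the connection is closed after "session=abc123". A parser that
accepts the partial line stores an unprotected cookie; the fixed parser
drops any header line that is not CRLF-terminated.
"""

CRLF = b"\r\n"

# Constructed sample responses.
FULL_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Set-Cookie: session=abc123; Secure; HttpOnly\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)
# Same response, but the peer closed the connection before the
# cookie attributes (and the line terminator) were sent.
TRUNCATED_RESPONSE = b"HTTP/1.1 200 OK\r\nSet-Cookie: session=abc123"


def split_header_lines(raw: bytes, ignore_incomplete: bool) -> list:
    """Split the header section of a response into individual lines.

    raw: bytes received before the connection closed (may be truncated).
    ignore_incomplete: True applies the fix (a trailing fragment with no
    CRLF is discarded); False keeps the fragment (the vulnerable behaviour).
    """
    end = raw.find(CRLF + CRLF)          # blank line ends the header section
    header_block = raw if end == -1 else raw[:end]
    lines = header_block.split(CRLF)
    if end == -1 and ignore_incomplete:
        # No blank line arrived, so the last piece was cut off mid-line.
        lines = lines[:-1]
    return [line for line in lines if line]


def parse_set_cookie(header_value: str) -> dict:
    """Parse 'name=value; Attr; Attr=val' into a small dict."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.lower()] = val if val else True   # flag attributes map to True
    return {"name": name, "value": value, "attrs": attrs}


def cookies_from_response(raw: bytes, ignore_incomplete: bool) -> list:
    """Return the cookies a client would store from the given response bytes."""
    cookies = []
    for line in split_header_lines(raw, ignore_incomplete):
        name, sep, value = line.decode("latin-1").partition(":")
        if sep and name.strip().lower() == "set-cookie":
            cookies.append(parse_set_cookie(value.strip()))
    return cookies


def unprotected_cookie_names(raw: bytes, ignore_incomplete: bool) -> list:
    """Names of stored cookies that lack the Secure attribute, i.e. cookies
    the client would later send over a plaintext connection."""
    return [c["name"] for c in cookies_from_response(raw, ignore_incomplete)
            if not c["attrs"].get("secure")]


if __name__ == "__main__":
    print("complete response :", cookies_from_response(FULL_RESPONSE, True))
    print("truncated, vulnerable parser :", unprotected_cookie_names(TRUNCATED_RESPONSE, False))
    print("truncated, fixed parser      :", unprotected_cookie_names(TRUNCATED_RESPONSE, True))
```

With the vulnerable setting the truncated response yields a `session` cookie with no `Secure` flag, which is exactly the downgrade the advisory describes; with the fix the partial line is discarded and no cookie is stored at all. The check is per header line, matching Apple's wording, so a line that did receive its CRLF is still honoured even if the blank line ending the header section never arrives.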
A WebKit update, meanwhile, fixed multiple memory corruption issues through which visiting a maliciously crafted website could cause an unexpected application termination or arbitrary code execution.
The OS X update also contains a number of fixes for remote code execution vulnerabilities uncovered at the last Pwn2Own in Vancouver.