Apple has released a pair of security updates for Mac OS X 10.2.6 client and server systems.

Security Update2003-08-14 v.1.0 (Client): "Addresses a potential vulnerability in the fb_realpath() function which could allow a local or remote user to gain unauthorized root privileges to a system." The effect of this vulnerability was to potentially allow remote users to execute arbitrary code. The 1MB download is available through Software Update and also for direct download from Apple's support pages.

Security Update2003-08-14 v.1.0 (Server) addresses the same vulnerability, Apple said it: "Addresses a potential vulnerability in the fb_realpath() function, specifically in FTPServer and Libc projects, which could allow a local or remote user to gain unauthorized root privileges to a system." This server update is also a 1MB download and is also avaiable using Software Update and from Apple's support pages.