BID:13207

Apple Mac OS X Kernel Syscall Emulation Buffer Overflow Vulnerability

Info

Apple Mac OS X Kernel Syscall Emulation Buffer Overflow Vulnerability

Bugtraq ID:	13207
Class:	Boundary Condition Error
CVE:	CVE-2005-0969
Remote:	No
Local:	Yes
Published:	Apr 16 2005 12:00AM
Updated:	Jul 12 2009 12:56PM
Credit:	Dino Dai Zovi is credited with the discovery of this issue.
Vulnerable:	Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.2.8 Apple Mac OS X 10.2.7 Apple Mac OS X 10.2.6 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2 Apple Mac OS X 10.1.5 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.0.4 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0 3 Apple Mac OS X 10.0

Not Vulnerable:	Apple Mac OS X Server 10.3.9 Apple Mac OS X 10.3.9

Discussion

Apple Mac OS X Kernel Syscall Emulation Buffer Overflow Vulnerability

A heap-based buffer overflow vulnerability affects Apple Mac OS X. This issue is due to a failure of the application to securely manage user-supplied data when copying it into sensitive memory space while managing syscall emulation functionality.

An attacker may leverage this issue to cause a denial of service condition and potentially execute code with kernel level privileges.

It should be noted that this issue was previously reported in BID 13203 (Apple Mac OS X Kernel Multiple Local Privilege Escalation And Denial Of Service Vulnerabilities); it has been assigned its own BID.

Exploit / POC

Apple Mac OS X Kernel Syscall Emulation Buffer Overflow Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Apple Mac OS X Kernel Syscall Emulation Buffer Overflow Vulnerability

Solution:
Apple has released security advisory APPLE-SA-2005-04-15 along with fixes dealing with this issue. Please see the referenced advisory for more information.

Apple Mac OS X Server 10.3