Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
BID:17056
Info
Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
| Bugtraq ID: | 17056 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 09 2006 12:00AM |
| Updated: | Mar 11 2006 06:30AM |
| Credit: | Discovery is credited to nemo. |
| Vulnerable: |
Cosmicperl Directory Pro 10.0.3 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.2.8 Apple Mac OS X 10.2.7 Apple Mac OS X 10.2.6 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2 Apple Mac OS X 10.1.5 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.0.4 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0 |
| Not Vulnerable: | |
Discussion
Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
Apple Mac OS X kernel is prone to a local heap-overflow vulnerability.
Specifically, the vulnerability affects the 'mach_msg_send()' function of the kernel. A successful attack may result in a complete compromise. Failed exploit attempts will most likely result in a denial-of-service condition.
All versions of the operating system are considered be vulnerable.
Apple Mac OS X kernel is prone to a local heap-overflow vulnerability.
Specifically, the vulnerability affects the 'mach_msg_send()' function of the kernel. A successful attack may result in a complete compromise. Failed exploit attempts will most likely result in a denial-of-service condition.
All versions of the operating system are considered be vulnerable.
Exploit / POC
Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Apple Mac OS X Kernel MACH_MSG_SEND Local Heap Overflow Vulnerability
References:
References:
- MAC OSX (nemo)
- Vendor Home Page (Apple)