Apple Software Update Format String Vulnerability
BID:22222
Info
Apple Software Update Format String Vulnerability
| Bugtraq ID: | 22222 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-0463 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 25 2007 12:00AM |
| Updated: | Mar 13 2007 10:45PM |
| Credit: | KF is credited with discovery of this vulnerability. |
| Vulnerable: |
Apple Software Update 2.0.5 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 |
| Not Vulnerable: |
Apple Mac OS X Server 10.4.9 Apple Mac OS X 10.4.9 |
Discussion
Exploit / POC
Apple Software Update Format String Vulnerability
A proof-of-concept file can be created with the touch command:
$ touch %x.%x.%x.%x.%x.%x.%x.swutmp
$ open %x.%x.%x.%x.%x.%x.%x.swutmp
A proof-of-concept file can be created with the touch command:
$ touch %x.%x.%x.%x.%x.%x.%x.swutmp
$ open %x.%x.%x.%x.%x.%x.%x.swutmp
Solution / Fix
Apple Software Update Format String Vulnerability
Solution:
The vendor has released Mac OS X v10.4.9 to address this issue; please see the reference section for details.
Apple Mac OS X 10.3.9
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4
Apple Mac OS X Server 10.4.1
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4.2
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.3
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.4
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.5
Apple Mac OS X 10.4.5
Apple Mac OS X Server 10.4.6
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.7
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.8
Apple Mac OS X 10.4.8
Solution:
The vendor has released Mac OS X v10.4.9 to address this issue; please see the reference section for details.
Apple Mac OS X 10.3.9
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.3.9
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.1
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.1
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.2
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.2
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.3
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.3
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.5
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.5
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.6
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.6
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.7
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.7
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.8
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.8
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
References
Apple Software Update Format String Vulnerability
References:
References: