Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
BID:9730
Info
Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
| Bugtraq ID: | 9730 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0165 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 24 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery of this vulnerability has been credited to Dave G. <[email protected]>. |
| Vulnerable: |
Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.2.8 Apple Mac OS X 10.2.7 Apple Mac OS X 10.2.6 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2 Apple Mac OS X 10.1.5 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.0.4 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0 3 Apple Mac OS X 10.0 |
| Not Vulnerable: | |
Discussion
Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
The Apple Mac OS X pppd has been reported to be prone to a format string vulnerability. When the ppp daemon processes an invalid command line argument, a function, error(), is called on the user-supplied data. Format specifiers that are contained within the supplied data will be interpreted literally, providing an attacker a conduit to read from pppd process memory.
The Apple Mac OS X pppd has been reported to be prone to a format string vulnerability. When the ppp daemon processes an invalid command line argument, a function, error(), is called on the user-supplied data. Format specifiers that are contained within the supplied data will be interpreted literally, providing an attacker a conduit to read from pppd process memory.
Exploit / POC
Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
Solution:
The vendor has released Security Update 2004-02-23 to address this issue.
Apple Mac OS X 10.2.8
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.2
Apple Mac OS X Server 10.3.2
Solution:
The vendor has released Security Update 2004-02-23 to address this issue.
Apple Mac OS X 10.2.8
-
Apple SecUpd2004-02-23Jag.dmg
http://www.info.apple.com/kbnum/n120277
Apple Mac OS X Server 10.2.8
-
Apple SecUpdSrvr2004-02-23Jag.dmg
http://www.info.apple.com/kbnum/n120322
Apple Mac OS X 10.3.2
-
Apple SecUpd2004-02-23Pan.dmg
http://www.info.apple.com/kbnum/n120323
Apple Mac OS X Server 10.3.2
-
Apple SecUpdSrvr2004-02-23Pan.dmg
http://www.info.apple.com/kbnum/n120324
References
Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability
References:
References:
- Mac OS X Homepage (Apple)
- Mac OS X pppd format string vulnerability (@Stake)