Immunity Canvas: MU

2007-08-03T06:17:00
ID MU
Type canvas
Reporter Immunity Canvas
Modified 2007-08-03T06:17:00

Description

Name| mu
---|---
CVE| CVE-2007-3744
Exploit Pack| CANVAS
Description| MacOS X 10.4 mDNSResponder UPNP Remote Root Exploit
Notes| CVE Name: CVE-2007-3744

Notes: If the target port is not specified, it will be located automatically. This exploit will attempt to bypass the built-in OS X firewall by sending packets from port 5353. Hence, it currently only works from a LocalNode.

If you're testing on your own box and you crash mDNS by picking the wrong version, you can find the new port via: netstat -an | grep udp4

It will likely be 49XXX or 5XXXX.

This exploit does not work FROM an OS X machine due to UDP packet size limits. Sorry!

VENDOR: Apple
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3744
CVSS: 5.8