Mac OS X AFP Server Legacy Client Support Overflow

2005-06-02T00:00:00
ID OSVDB:17268
Type osvdb
Reporter OSVDB
Modified 2005-06-02T00:00:00

Description

Vulnerability Description

A remote overflow exists in Mac OS X. The AFP server fails to validate input which is processed by code which supports legacy clients resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Mac OS X. The AFP server fails to validate input which is processed by code which supports legacy clients resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Security Tracker: 1014138 Secunia Advisory ID:15481 ISS X-Force ID: 20928 CVE-2005-1721