Mac OS X ping Local Overflow

2005-08-17T06:29:46
ID OSVDB:18786
Type osvdb
Reporter Neil Archibald()
Modified 2005-08-17T06:29:46

Description

Vulnerability Description

A local overflow exists in Mac OS X. The ping command fails to validate unspecified input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Short Description

A local overflow exists in Mac OS X. The ping command fails to validate unspecified input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Security Tracker: 1014701 Secunia Advisory ID:16449 Other Advisory URL: http://www.suresec.org/advisories/adv5.pdf Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0717.html Generic Informational URL: http://news.com.com/Apple+unloads+dozens+of+fixes+for+OS+X/2100-1002_3-5834873.html CVE-2005-2514