Mac OS X OpenLDAP Server Malformed Request Remote DoS

2006-06-26T06:49:08
ID OSVDB:26932
Type osvdb
Reporter OSVDB
Modified 2006-06-26T06:49:08

Description

Vulnerability Description

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted request to the OpenLDAP server, and will result in loss of availability for the service.

Solution Description

Upgrade to version 10.4.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted request to the OpenLDAP server, and will result in loss of availability for the service.

References:

Vendor Specific Advisory URL Security Tracker: 1016396 Secunia Advisory ID:20877 Related OSVDB ID: 26930 Related OSVDB ID: 26933 Related OSVDB ID: 26931 News Article: http://news.com.com/Apple+updates+Mac+OS+to+squash+bugs/2100-1002_3-6088787.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0800.html Keyword: MU-200606-02 FrSIRT Advisory: ADV-2006-2566 CVE-2006-1470 CERT VU: 652196 Bugtraq ID: 18728 Bugtraq ID: 18686