Mac OS X SecurityServer Local DoS

2003-12-30T10:23:55
ID OSVDB:3314
Type osvdb
Reporter Matt Burnett(marukka@consoleconductor.com)
Modified 2003-12-30T10:23:55

Description

Vulnerability Description

Mac OS X contains a flaw that may allow a local denial of service. The issue is triggered when unlocking a locked keychain and using a very long password. This will result in the SecurityServer crashing and starting a cascading effect of crashing other processes that rely on it.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Mac OS X contains a flaw that may allow a local denial of service. The issue is triggered when unlocking a locked keychain and using a very long password. This will result in the SecurityServer crashing and starting a cascading effect of crashing other processes that rely on it.

References:

Secunia Advisory ID:10524 Other Advisory URL: http://packetstormsecurity.nl/0312-exploits/dosMac.txt Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0075.html ISS X-Force ID: 14114 Bugtraq ID: 9332