Mac OS X Kernel argv Command Line Overflow

2003-10-28T00:00:00
ID OSVDB:6690
Type osvdb
Reporter Matt Miller(mpmiller@mac.com), Dave G.(daveg@atstake.com)
Modified 2003-10-28T00:00:00

Description

Vulnerability Description

A local overflow exists in Mac OS X. The kernel fails to validate arguments resulting in a buffer overflow. With a specially crafted request, an attacker can cause the kernel to crash resulting in a loss of availability.

Solution Description

Upgrade to version 10.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in Mac OS X. The kernel fails to validate arguments resulting in a buffer overflow. With a specially crafted request, an attacker can cause the kernel to crash resulting in a loss of availability.

References:

Secunia Advisory ID:10086 Other Advisory URL: http://www.atstake.com/research/advisories/2003/a102803-3.txt ISS X-Force ID: 13541 CVE-2003-0895 Bugtraq ID: 8913 Bugtraq ID: 8917