Mac OS X vpnd Bug Lets Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker Alert ID: 1019052

SecurityTracker URL: http://securitytracker.com/id/1019052

CVE Reference: CVE-2007-6276 (Links to External Site)

Updated: Jul 1 2008

Original Entry Date: Dec 6 2007

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes

Description: A vulnerability was reported in vpnd on Mac OS X. A remote user can cause denial of service conditions.

A remote user can send specially crafted data to cause the target service to crash.

mu-b reported this vulnerability.

A demonstration exploit is available at:

http://milw0rm.com/exploits/4690

Impact: A remote user can cause denial of service conditions.

Solution: The vendor has issued a fix (Security Update 2008-004 and Mac OS X 10.5.4), which can be downloaded and installed via Software Update preferences, or from Apple Downloads at:

http://www.apple.com/support/downloads/

The vendor's advisory is available at:

http://support.apple.com/kb/HT2163

Vendor URL: support.apple.com/kb/HT2163 (Links to External Site)

Cause: Boundary error

Underlying OS: UNIX (macOS/OS X)

Underlying OS Comments: 10.5 through 10.5.3

Message History: None.


[Original Message Not Available for Viewing]

Home | View Topics | Search | Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2018, SecurityGlobal.net LLC