Apple iChat allows a remote denial of service due to permitting the addition of any advertised _presence._tcp records without verifying whether they already exist. The issue can be triggered when a remote malicious user on the same multicast network as other iChat users advertises multiple fake _presence._tcp records. This may lead to the attacker blocking those users from having reliable communications and finding additional peers in the network, resulting in a loss of availability for the iChat service.
Classification
Location:
Remote/Network Access Required
Attack Type:
Denial of Service,
Hijacking
Impact:
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
Solution
Download and install Security Update 2007-002 (PPC) via Software Update preferences, or from Apple Downloads, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): - Do not use iChat with the Bonjour service. or - Disable mDNSResponder using the following (by author): sudo launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist sudo mv /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist \ /Users/Shared/com.apple.mDNSResponder.plist.BACKUP
info-pull.com -