Info

Disclosure

Jun 26, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted request to the OpenLDAP server, and will result in loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 10.4.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apple Computer, Inc.	Mac OS X	10.4
		10.4.1
		10.4.2
		10.4.3
		10.4.4
		10.4.5
		10.4.6

References

Security Tracker: 1016396
Bugtraq ID: 18686 18728
CVE ID: 2006-1470 (see also: NVD)
Secunia Advisory ID: 20877
Related OSVDB ID: 26930 26931 26933
CERT VU: 652196
VUPEN Advisory: ADV-2006-2566
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0800.html
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=303973
News Article: http://news.com.com/Apple+updates+Mac+OS+to+squash+bugs/2100-1002_3-6088787.html
Keyword: MU-200606-02

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/26932

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Apple Computer, Inc.

Mac OS X

References

Credit