Info

Disclosure

Nov 14, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered by an unspecified flaw when the FTP server attempts to authenticate valid users, and will result in loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Information Disclosure
Impact: Loss of Confidentiality, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Products

Apple Computer, Inc.

Mac OS X

10.3.x

References

CVE ID: 2006-4403 (see also: NVD)
Bugtraq ID: 21335
Secunia Advisory ID: 23155
Related OSVDB ID: 30726 30727 30728 30729 30730 30731 30732 30733 30735 30736 30737 30738 30739
CERT VU: 371648
VUPEN Advisory: ADV-2006-4750
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=304829
News Article: http://news.com.com/Apple+Mac+OS+X+patch+plugs+31+vulnerabilities/2100-1002_3-6139117.html

Credit

Benjamin Williams - University of Canterbury

Direct URL: http://osvdb.org/30734