OSVDB ID: 31781

Title: Apple Mac OS X and NetBSD ftpd Globbing Overflow

Info

Disclosure
Nov 30, 2006

Discovery
Unknown

Dates

Exploit
Nov 30, 2006

Solution
Unknown

Description

 A remote overflow exists in NetBSD and Mac OS X. The glob.c implementation in ftpd daemon fails to validate long pathnames resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

 Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

 For NetBSD, upgrade to versions 3.1, 3.0, 2.1 and 2.0.x (2006-12-03) or higher, as they have been reported to fix this vulnerability. Note that this flaw was fixed in the 2006-12-03 releases without a change in version number. An upgrade is required as there are no known workarounds. For Mac OS X, currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Products

NetBSD Foundation, Inc.

NetBSD

 3.1
3.0.x
2.1
2.0.x

Apple Computer, Inc.

Mac OS X

 10.3.x
10.4
10.4.1
10.4.2
10.4.3
10.4.4
10.4.5
10.4.6
10.4.7
10.4.8
10.4.9

References

Credit
  • Kevin Finisterre - kfdigitalmunition.com -


Direct URL: http://osvdb.org/31781