OSVDB ID: 32698

Title: Apple Mac OS X Bonjour Functionality _presence._tcp mDNS Query Saturation DoS

Info

Disclosure

Jan 29, 2007

Discovery

Unknown

Dates

Exploit

Jan 29, 2007

Solution

Unknown

Description

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when Bonjour accepts _presence._tcp records without validation, and can result in loss of availability for the applications that rely on mDNS service advertisements.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Apple Computer, Inc.

Mac OS X

10.4.8

References

CVE ID: 2007-0613 (see also: NVD)
Bugtraq ID: 22304
Related OSVDB ID: 32699
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=305102
Other Advisory URL: http://projects.info-pull.com/moab/MOAB-29-01-2007.html

Credit

LMH - lmhinfo-pull.com -

Direct URL: http://osvdb.org/32698