OSVDB ID: 32699

Title: Apple iChat _presence._tcp Records DoS

Dates

Disclosure: Jan 29, 2007
Discovery: Unknown
Exploit: Jan 29, 2007
Solution: Unknown

Description

Apple iChat allows a remote denial of service due to permitting the addition of any advertised _presence._tcp records without verifying whether they already exist. The issue can be triggered when a remote malicious user on the same multicast network as other iChat users advertises multiple fake _presence._tcp records. This may lead to the attacker blocking those users from having reliable communications and finding additional peers in the network, resulting in a loss of availability for the iChat service.
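The missing existence check described above, shown from the receiving side as an added example (not iChat's code and not part of the original entry): a hypothetical `PresenceTable` that refuses records it already holds and caps how many records one source may add. The class, the cap of 3, the addresses and the instance names are all assumptions constructed for illustration.

```python
from collections import defaultdict

SERVICE = "_presence._tcp.local."
MAX_PER_SOURCE = 3  # assumed policy value, not taken from the advisory


class PresenceTable:
    """Hypothetical peer list that verifies records before adding them."""

    def __init__(self, max_per_source=MAX_PER_SOURCE):
        self.max_per_source = max_per_source
        self.owner = {}                    # instance name -> announcing source
        self.by_source = defaultdict(set)  # source -> instance names it added
        self.flagged = set()               # sources that tried to exceed the cap

    def add(self, src, service, instance):
        if service != SERVICE:
            return "ignored"
        if instance in self.owner:
            # The check the description says was absent: is it already known?
            return "duplicate" if self.owner[instance] == src else "conflict"
        if len(self.by_source[src]) >= self.max_per_source:
            self.flagged.add(src)          # candidate for an alert
            return "rejected"
        self.owner[instance] = src
        self.by_source[src].add(instance)
        return "added"


def replay(announcements, table=None):
    """Feed (source, service, instance) tuples through a table."""
    if table is None:
        table = PresenceTable()
    return table, [table.add(*a) for a in announcements]


# Constructed sample: two normal peers, a re-announcement, then one source
# reusing a known name and advertising six further records.
SAMPLE = [
    ("192.0.2.10", SERVICE, "alice@mac-a"),
    ("192.0.2.11", SERVICE, "bob@mac-b"),
    ("192.0.2.10", SERVICE, "alice@mac-a"),
    ("192.0.2.66", SERVICE, "bob@mac-b"),
] + [("192.0.2.66", SERVICE, f"fake{i}@host{i}") for i in range(6)]

if __name__ == "__main__":
    table, results = replay(SAMPLE)
    print(results, sorted(table.flagged))
```

Keying the cap on source address is itself an assumption: on a shared link the address of a multicast sender is not authenticated, so the flagged set is a triage signal rather than proof of origin.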

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Download and install Security Update 2007-002 (PPC) via Software Update preferences, or from Apple Downloads, as it has been reported to fix this vulnerability.

It is also possible to correct the flaw by implementing the following workaround(s):

  • Do not use iChat with the Bonjour service.

or

  • Disable mDNSResponder using the following (by author):

      sudo launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
      sudo mv /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist \
          /Users/Shared/com.apple.mDNSResponder.plist.BACKUP

Unloading mDNSResponder turns off Bonjour service discovery for every application on the host, not only iChat.

Products

Apple Computer, Inc.

iChat 3.1.6
Mac OS X 10.3.9
Mac OS X 10.4.8

References

Credit

  • Lance M. Havok - lmhinfo-pull.com


Direct URL: http://osvdb.org/32699