OSVDB ID: 40670

Title: Apple Mac OS X Networking Component Crafted IPV6 Packets Remote Code Execution

Info

Disclosure

Nov 15, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Nov 15, 2007

Description

A double-free issue exists in Mac OS X. The Networking component fails to validate IPv6 packets resulting in memory being freed which had already been freed. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 10.4.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apple Computer, Inc.	Mac OS X	10.4.3
		10.4.4
		10.4.1
		10.4.6
		10.4.8
		10.4.2
		10.4.10
		10.4.5
		10.4.7
		10.4.9
		10.4

References

Security Tracker: 1018950
CVE ID: 2007-4689 (see also: NVD)
Bugtraq ID: 26444
Secunia Advisory ID: 27643
ISS X-Force ID: 38474
Related OSVDB ID: 40661 40662 40663 40664 40665 40666 40667 40668 40669 40671 40672 40673 40674 40675 40676 40677 40678 40679 40680 40681 40682 40683 40684 40685 40686 40687 40688 40689 40690 40691 40693
VUPEN Advisory: ADV-2007-3868
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=307041
Mail List Post: http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
Other Advisory URL: http://www.us-cert.gov/cas/techalerts/TA07-319A.html
CERT: TA07-319A

Credit

Bhavesh Davda - VMware
Brian Keefer - Tumbleweed Communications

Direct URL: http://osvdb.org/40670

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Apple Computer, Inc.

Mac OS X

References

Credit