Title: Apple Mac OS X AppleFileServer Pre-Authentication Remote Overflow
Info
Dates
Disclosure: May 03, 2004
Discovery: Mar 26, 2004
Exploit: Aug 15, 2004
Solution: Unknown
Description
Mac OS X contains a flaw that may allow a remote attacker to gain administrative privileges. The issue is due to a stack buffer overflow in the pre-authentication routine of AppleFileServer. The overflow occurs in the handling of the PathName argument of a LoginExt packet that requests authentication using the Cleartext Password User Authentication Method (UAM). With a specially crafted request, an attacker can remotely gain full administrative privileges over the machine.
Classification
Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Workaround, Patch / RCS
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified
Solution
Apple has released a patch to address this vulnerability. It is also possible to mitigate the flaw with the following workaround: disable AppleFileServer (AFS) if it is not essential.
For Mac OS X 10.3.3 "Panther"
=============================
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/SecUpd2004-05-03Pan.dmg
For Mac OS X Server 10.3.3
==========================
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/SecUpdSrvr2004-05-03Pan.dmg
For Mac OS X 10.2.8 "Jaguar"
=============================
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/SecUpd2004-05-03Jag.dmg
For Mac OS X Server 10.2.8
==========================
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/SecUpdSrvr2004-05-03Jag.dmg