Dailydave mailing list archives
I love the smell of remote root in the morning
From: "Dave Aitel" <dave.aitel () gmail com>
Date: Fri, 25 May 2007 09:04:27 -0400
Unfortunately, this morning I can't smell anything. I'm supposed to be helping Kostya teach Unethical Hacking, but instead I'm home sick, coughing up things from the bottom of the ocean. I'm not checking my corporate email, because you don't want to be making any decisions on whatever drugs I'm pumped full of right now.

I did check our partner's page out this morning and I notice there's a new vulnerability in OS X out. The Apple advisory says:

"""
- *mDNSResponder*
CVE-ID: CVE-2007-2386
Available for: Mac OS X v10.4.9, Mac OS X Server v10.4.9
Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution
Description: A buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in the OS X mDNSResponder implementation. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation when processing UPnP protocol packets. This issue does not affect systems prior to Mac OS X v10.4. Credit to Michael Lynn of Juniper Networks for reporting this issue.
"""

So essentially a reliable remote root on everyone at Starbucks or on all those OS X fiends at security conventions. The Immunity exploit will do so on either PPC or Intel, your pick, and since the service restarts, you get to pick twice. :>

-dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave