Quote: | ||
The following security advisory can be found at the SecuriTeam web site: http://www.securiteam.com
Mac OS-X Admin Service Buffer Overflow Vulnerability ------------------------------------------------------------------------ SUMMARY A security vulnerability exists in the admin service of Mac OS-X. Successful exploitation of the vulnerability will crash the service and if a specially crafted payload is sent, it can lead to arbitrary code execution. DETAILS Vulnerable Systems: * Mac OS-X server version 10.3 When a very large chunk of data is sent to the GUI admin service (TCP port 660) it will crash the service. This is similar to a classic buffer overflow vulnerability although as of now there is no exploit code available. In order to test for this vulnerability, the following command can be used:
Note that the service will restart after it crashes. |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours