• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Mac OS-X Admin Service Buffer Overflow

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Macintosh

View previous topic :: View next topic  
Author Message
RoboGeek
SF Mod
SF Mod


Joined: 13 Jun 2003
Posts: 16777166
Location: LeRoy, IL

Offline

PostPosted: Wed Mar 24, 2004 1:59 pm    Post subject: Mac OS-X Admin Service Buffer Overflow Reply with quote

Quote:
The following security advisory can be found at the SecuriTeam web site: http://www.securiteam.com


Mac OS-X Admin Service Buffer Overflow Vulnerability
------------------------------------------------------------------------


SUMMARY

A security vulnerability exists in the admin service of Mac OS-X.
Successful exploitation of the vulnerability will crash the service and if
a specially crafted payload is sent, it can lead to arbitrary code
execution.

DETAILS

Vulnerable Systems:
* Mac OS-X server version 10.3

When a very large chunk of data is sent to the GUI admin service (TCP port
660) it will crash the service. This is similar to a classic buffer
overflow vulnerability although as of now there is no exploit code
available.

In order to test for this vulnerability, the following command can be
used:
Code:

$ perl -e 'print "A"x2057' | nc <host> 660 -q0


Note that the service will restart after it crashes.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Macintosh All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register