Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Mac OS X Input Validation Flaw in parse_machfile() Lets Local Users Deny Service
Categorie: Vulnerability
Posted: 2005-01-20 by ReCall
Views: 336
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: An input validation vulnerability was reported in Mac OS X in the mach kernel loader. A local user can cause the kernel to crash.

nemo from felinemenace.org reported that the parse_machfile() function in 'bsd/kern/mach_loader.c' does not properly validate user-supplied values for the ncmds and offset parameters. A local user can supply a negative value to cause the kernel to crash.

The vendor has been notified.

The original advisory, including a demonstration exploit is available at:

http://felinemenace.org/advisories/macosx.txt

Impact: A local user can cause denial of service conditions.

A local user may be able to obtain elevated privileges [however, that was not confirmed in the report].

Solution: No solution was available at the time of this entry.
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1310

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES