CVE-2007-3744

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2007-3744 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by iDefense.
The original article can be found at:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=573

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2007-3744

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Mac OS X version 10.4.10, Server and Workstation, with mDNSResponder version 108.5.
* (Previous versions may also be affected.)

The vulnerability exists within the Legacy NAT Traversal code. Unlike the core of the mDNSResponder service, this area of code does not rely on Multicast UDP. It listens on a dynamically allocated Unicast UDP port.

The vulnerability occurs when parsing a malformed HTTP request. This results in an exploitable heap overflow.

Exploitation of this vulnerability allows an attacker to execute arbitrary code with root privileges on a vulnerable host. No authentication is needed to exploit this vulnerability.

Failed attempts will result in the service crashing. Shortly after crashing, it will be restarted.

Vendor Status:
Apple addressed this vulnerability within their Mac OS X 2007-007 security update.

CVE Information:
CVE-2007-3744

Disclosure Timeline:
* 07/26/2007 - Initial vendor notification
* 07/26/2007 - Initial vendor response
* 08/07/2007 - Coordinated public disclosure

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus