AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
January 08, 2009, 03:28:35 AM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 5342 Members
Latest Member: hikslyypro
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: Apple Mac OS X Foundation Framework vulnerable to buffer overflow 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Apple Mac OS X Foundation Framework vulnerable to buffer overflow  (Read 430 times)
Brad
SysAdmin
Tech Team
Hero Member
********
Offline Offline

Posts: 391



View Profile
Apple Mac OS X Foundation Framework vulnerable to buffer overflow
« on: June 28, 2005, 11:05:30 PM »
Overview
A buffer overflow in Mac OS X Foundation Framework's processing of environment variables may lead to elevated privileges.

I. Description
A vulnerability is present Mac OS X Foundation Framework shipped in version 10.3.9 of Mac OS X and Mac OSX Server. There is a flaw in the handling of environment variables that may lead to a buffer overflow condition. It is reported that this vulnerability is locally exploitable.

II. Impact
Explotation of this vulnerability may lead to the execution of arbitrary code with elevated privileges.

III. Solution
Apple has released Security Update 2005-005, http://docs.info.apple.com/article.html?artnum=301528. to address this issue and several other security related issues.

References
http://secunia.com/advisories/15227/
http://docs.info.apple.com/article.html?artnum=301528
http://www.net-security.org/vulnerability.php?id=16077
Logged
Mambo Hosting Resources
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: Apple Mac OS X Foundation Framework vulnerable to buffer overflow « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!