Apple iChat Bonjour functionality is affected by several remotely exploitable denial of service flaws which can be triggered via advertising presence services over multicast DNS.
Further information:
Showing posts with label denial of service. Show all posts
Showing posts with label denial of service. Show all posts
Monday, January 29, 2007
MOAB-29-01-2007: Apple iChat Bonjour Multiple Denial of Service Vulnerabilities
Further information:
Thursday, January 25, 2007
MOAB-25-01-2007: Apple CFNetwork HTTP Response Denial of Service
CFNetwork fails to handle certain HTTP responses properly, causing the_CFNetConnectionWillEnqueueRequests()function to dereference a NULL pointer, leading to a denial of service condition.
Further information:
- Apple CFNetwork HTTP Response Denial of Service
- Proof of concept: MOAB-25-01-2007.rb and MOAB-25-01-2007.c
Saturday, January 13, 2007
MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability
A specially crafted HFS+ filesystem in a DMG image can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.Further information:
- MOAB-13-01-2007
- Proof of concept image: MOAB-13-01-2007.dmg.gz
Friday, January 12, 2007
MOAB-12-01-2007: Apple DMG UFS ufs_lookup() Denial of Service Vulnerability
A specially crafted UFS filesystem in a DMG image can cause theFor further information:ufs_lookup()function to callufs_dirbad()when a corrupted directory entry is being read, leading to a kernel panic (denial of service).
We would like to thank evan1138 for his generous donation to the project, as well as his constructive feedback and comments.