Sunday, January 14, 2007

MOAB-14-01-2007: AppleTalk ATPsndrsp() Heap Buffer Overflow Vulnerability

The _ATPsndrsp function is vulnerable to a heap-based buffer overflow condition, due to insufficient checking of user input. This leads to a denial of service condition and potential arbitrary code execution by unprivileged users.

For further information:
More to come. In case you want to support the project, consider a donation for the 'get a mini' fund-raising :-). As soon as it gets worked out, advertisement should probably vanish. Hopefully.

3 comments:

drama said...

Whats the mac mini for?

lmh said...

Testing, development of kernel related stuff (looking over ASLR and memory permissions enforcement, xnu rootkits, etc), research on potentially harmful stuff (ex. malware on OS X, mach-o infection, etc).

I can't use a production machine for all the stuff, hence need a secondary one to work with.

lmh said...

That is, for "too many stuffs" :-)