Wednesday, January 17, 2007

MOAB-17-01-2007: Apple SLP Daemon Service Registration Buffer Overflow Vulnerability

slpd is vulnerable to a buffer overflow condition when processing the attr-list field of a registration request, leading to an exploitable denial of service condition and potential arbitrary execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges.

For further information:
This issue was reported to Apple on 8/2/06 5:31 PM.


Anonymous said...

Is 8/2/2006 August or February? (guessing the former?)

Anonymous said...