Mac OS X Exploit Hits Soon After Apple Releases Patch

Exploit code has been released for a buffer overflow vulnerability that could enable a remote hacker to take control of a system.
About a day after Apple patched 13 flaws in its Mac OS X, a security researcher released exploit code for one of those bugs that could give a hacker remote control of the system.

The buffer overflow vulnerability affects Mac OS X v.10.4.9, as well as Mac OS X Server v.10.4.9, according to a Monday morning post on Dave Aitel's daily mailing list. Aitel is the founder and CTO of Immunity and the author of a book on hackers. The vulnerability lies in Apple's Bonjour zero-configuration networking service, which is designed to enable automatic discovery of computers, devices, and services on IP networks.

Apple described the vulnerability as a problem in the Internet Gateway Device Standardized Device Control Protocol code, which is used to create port mappings on home NAT gateways in the OS X implementation. By sending a maliciously crafted packet, Apple said an attacker on the local network could trigger the overflow that could lead to an unexpected application termination or arbitrary code execution.

The security update, which was released last Friday, fixes the flaw by performing additional validation when processing protocol packets.

The flaw doesn't affect systems prior to Mac OS X v.10.4.

Editor's Choice
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing
John Edwards, Technology Journalist & Author
John Edwards, Technology Journalist & Author
James M. Connolly, Contributing Editor and Writer