Sign-up

ID

VAR-200606-0401


CVE

CVE-2006-1470


TITLE

Apple Mac OS X Open Directory server vulnerable to DoS via an invalid LDAP request

Trust: 0.8

sources: CERT/CC: VU#652196

DESCRIPTION

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. Apple has reported a vulnerability in their version of OpenLDAP that is included in Apple Mac OS X and Mac OS X Server versions 10.4 to 10.4.6. If successfully exploited, this vulnerability would allow an attacker to create a denial-of-service condition. An attacker can exploit this issue to cause a crash in the LDAP server, effectively denying service to legitimate users. This issue was initially discussed in BID 18686 (Apple Mac OS X Multiple Security Vulnerabilities), which has been split into individual BIDs to discuss each issue separately. ---------------------------------------------------------------------- Reverse Engineer Wanted Secunia offers a Security Specialist position with emphasis on reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports. 1) An error in the AFP server within the handling of users' search results can be exploited by malicious users to gain knowledge of the names of files and folders for which the user performing the search has no access to. 2) A vulnerability within the Freshclam command line utility in ClamAV can potentially be exploited to compromise a vulnerable system. For more information: SA19880 3) A boundary error in ImageIO within the handling of TIFF images can be exploited to cause a stack-based buffer overflow. This crashes an affected application and may allow arbitrary code execution when a specially crafted TIFF image is viewed. 4) A format string error within the logging functionality of the setuid program "launchd" can be exploited by local users to execute arbitrary code with system privileges. 5) An error within "slapd" of the OpenLDAP server when handling an anonymous bind operation can be exploited to crash the service via a malformed ldap-bind message. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.34

sources: NVD: CVE-2006-1470 // CERT/CC: VU#652196 // BID: 18728 // BID: 18686 // VULHUB: VHN-17578 // PACKETSTORM: 47895

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.2

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.1

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.0

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.6

vendor:applemodel:mac os serverscope:neversion:x10.4.7

Trust: 0.6

vendor:applemodel:mac osscope:neversion:x10.4.7

Trust: 0.6

sources: CERT/CC: VU#652196 // BID: 18728 // BID: 18686 // CNNVD: CNNVD-200606-536 // NVD: CVE-2006-1470

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-1470
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#652196
value: 0.22

Trust: 0.8

CNNVD: CNNVD-200606-536
value: MEDIUM

Trust: 0.6

VULHUB: VHN-17578
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-1470
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-17578
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#652196 // VULHUB: VHN-17578 // CNNVD: CNNVD-200606-536 // NVD: CVE-2006-1470

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.1

sources: VULHUB: VHN-17578 // NVD: CVE-2006-1470

THREAT TYPE

network

Trust: 0.6

sources: BID: 18728 // BID: 18686

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200606-536

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-17578

EXTERNAL IDS
db:CERT/CCid:VU#652196
Trust: 2.5
db:NVDid:CVE-2006-1470
Trust: 2.3
db:BIDid:18686
Trust: 2.0
db:BIDid:18728
Trust: 2.0
db:SECUNIAid:20877
Trust: 1.8
db:SECTRACKid:1016396
Trust: 1.7
db:VUPENid:ADV-2006-2566
Trust: 1.7
db:OSVDBid:26932
Trust: 1.7
db:CNNVDid:CNNVD-200606-536
Trust: 0.7
db:XFid:27480
Trust: 0.6
db:APPLEid:APPLE-SA-2006-06-27
Trust: 0.6
db:SEEBUGid:SSVID-81715
Trust: 0.1
db:EXPLOIT-DBid:28135
Trust: 0.1
db:VULHUBid:VHN-17578
Trust: 0.1
db:PACKETSTORMid:47895
Trust: 0.1
sources:
            
            
            CERT/CC: VU#652196 // 
            
            
            
            VULHUB: VHN-17578 // 
            
            
            
            BID: 18728 // 
            
            
            
            BID: 18686 // 
            
            
            
            PACKETSTORM: 47895 // 
            
            
            
            CNNVD: CNNVD-200606-536 // 
            
            
            
            NVD: CVE-2006-1470

REFERENCES
url:http://lists.apple.com/archives/security-announce/2006/jun/msg00000.html
Trust: 2.5
url:http://www.securityfocus.com/bid/18686
Trust: 1.7
url:http://www.securityfocus.com/bid/18728
Trust: 1.7
url:http://www.kb.cert.org/vuls/id/652196
Trust: 1.7
url:http://www.osvdb.org/26932
Trust: 1.7
url:http://securitytracker.com/id?1016396
Trust: 1.7
url:http://secunia.com/advisories/20877
Trust: 1.7
url:http://www.vupen.com/english/advisories/2006/2566
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/27480
Trust: 1.1
url:http://www.apple.com/server/macosx/features/opendirectory.html
Trust: 0.8
url:http://docs.info.apple.com/article.html?artnum=106439
Trust: 0.8
url:http://www.apple.com/support/downloads/
Trust: 0.6
url:http://www.info.apple.com/usen/security/security_updates.html
Trust: 0.6
url:http://www.apple.com/macosx/
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2006/2566
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/27480
Trust: 0.6
url:http://labs.musecurity.com/advisories/mu-200606-02.txt
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/advisories/19880/
Trust: 0.1
url:http://www.apple.com/support/downloads/macosxupdate1047intel.html
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/secunia_security_specialist/
Trust: 0.1
url:http://secunia.com/advisories/20877/
Trust: 0.1
url:http://secunia.com/product/96/
Trust: 0.1
url:http://docs.info.apple.com/article.html?artnum=303973
Trust: 0.1
url:http://www.digitalmunition.com/dma%5b2006-0628a%5d.txt
Trust: 0.1
url:http://www.apple.com/support/downloads/macosxserverupdate1047.html
Trust: 0.1
url:http://www.apple.com/support/downloads/macosxupdate1047ppc.html
Trust: 0.1
sources:
            
            
            CERT/CC: VU#652196 // 
            
            
            
            VULHUB: VHN-17578 // 
            
            
            
            BID: 18728 // 
            
            
            
            BID: 18686 // 
            
            
            
            PACKETSTORM: 47895 // 
            
            
            
            CNNVD: CNNVD-200606-536 // 
            
            
            
            NVD: CVE-2006-1470

CREDITS
Apple
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200606-536

SOURCES
db:CERT/CCid:VU#652196
db:VULHUBid:VHN-17578
db:BIDid:18728
db:BIDid:18686
db:PACKETSTORMid:47895
db:CNNVDid:CNNVD-200606-536
db:NVDid:CVE-2006-1470

LAST UPDATE DATE
2024-08-14T13:17:07.409000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#652196date:2006-06-29T00:00:00
db:VULHUBid:VHN-17578date:2017-07-20T00:00:00
db:BIDid:18728date:2006-06-29T22:49:00
db:BIDid:18686date:2006-06-30T15:44:00
db:CNNVDid:CNNVD-200606-536date:2006-07-06T00:00:00
db:NVDid:CVE-2006-1470date:2017-07-20T01:30:37.707

SOURCES RELEASE DATE
db:CERT/CCid:VU#652196date:2006-06-28T00:00:00
db:VULHUBid:VHN-17578date:2006-06-27T00:00:00
db:BIDid:18728date:2006-06-27T00:00:00
db:BIDid:18686date:2006-06-27T00:00:00
db:PACKETSTORMid:47895date:2006-06-29T18:48:34
db:CNNVDid:CNNVD-200606-536date:2006-06-27T00:00:00
db:NVDid:CVE-2006-1470date:2006-06-27T22:13:00