Details of VAR-200702-0109

ID

VAR-200702-0109

CVE

CVE-2007-0710

TITLE

Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries

Trust: 0.8

sources: CERT/CC: VU#346656

DESCRIPTION

The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. Apple iChat is prone to multiple remote denial-of-service vulnerabilities. These issues affect the Bonjour functionality. Apple iChat 3.1.6 is reported affected; other versions may be vulnerable as well. Apple iChat is a video chat tool bundled with Apple's family of operating systems. Several denial-of-service vulnerabilities exist in iChat's Bonjour feature, which allows automatic discovery of computers. There are no restrictions on finding available contacts via mDNS queries, iChat will add the broadcasted _presence._tcp record even if the contact does not exist, so a malicious user can broadcast a fake record so that iChat users using Bonjour cannot discover more peers, unable to communicate reliably. Trying to start iChat Bonjour again will fail because mDNSResponder keeps a specially crafted record. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability exists due to an error in the "fpathconf()" syscall when it is called with an unsupported file type and can be exploited to cause a system panic. The vulnerability is confirmed in version 10.4.8. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Initially discovered in FreeBSD and reported in Mac OS X by Ilja Van Sprundel. ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-09-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 4.23

sources: NVD: CVE-2007-0710 // CERT/CC: VU#346656 // CERT/CC: VU#765096 // CERT/CC: VU#836024 // JVNDB: JVNDB-2007-000121 // BID: 22304 // VULHUB: VHN-24072 // PACKETSTORM: 51846

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	apple	model:	ichat	scope:	eq	version:	*	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.3.x	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.4.x	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.3.x	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.4.x	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.9	Trust: 0.6
vendor:	apple	model:	ichat	scope:	eq	version:	3.1.6	Trust: 0.3

sources: CERT/CC: VU#346656 // CERT/CC: VU#765096 // CERT/CC: VU#836024 // BID: 22304 // JVNDB: JVNDB-2007-000121 // CNNVD: CNNVD-200702-343 // NVD: CVE-2007-0710

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-0710
value:	LOW
Trust: 1.0
CARNEGIE MELLON:	VU#346656
value:	17.10
Trust: 0.8
CARNEGIE MELLON:	VU#765096
value:	5.18
Trust: 0.8
CARNEGIE MELLON:	VU#836024
value:	2.48
Trust: 0.8
NVD:	CVE-2007-0710
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200702-343
value:	LOW
Trust: 0.6
VULHUB:	VHN-24072
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2007-0710
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2007-0710
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-24072
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#346656 // CERT/CC: VU#765096 // CERT/CC: VU#836024 // VULHUB: VHN-24072 // JVNDB: JVNDB-2007-000121 // CNNVD: CNNVD-200702-343 // NVD: CVE-2007-0710

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-24072 // JVNDB: JVNDB-2007-000121 // NVD: CVE-2007-0710

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 51846 // CNNVD: CNNVD-200702-343

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200702-343

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000121

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-24072

PATCH

title:	Security Update 2007-002 (Panther)	url:	http://www.apple.com/support/downloads/securityupdate2007002panther.html	Trust: 0.8
title:	Security Update 2007-002 (PPC)	url:	http://www.apple.com/support/downloads/securityupdate2007002ppc.html	Trust: 0.8
title:	Security Update 2007-002 (Universal)	url:	http://www.apple.com/support/downloads/securityupdate2007002universal.html	Trust: 0.8
title:	Security Update 2007-002	url:	http://docs.info.apple.com/article.html?artnum=305102-en	Trust: 0.8
title:	Security Update 2007-002	url:	http://docs.info.apple.com/article.html?artnum=305102-ja	Trust: 0.8
title:	Security Update 2007-002 (PPC)	url:	http://www.apple.com/jp/ftp-info/reference/securityupdate2007002ppc.html	Trust: 0.8
title:	Security Update 2007-002 (Universal)	url:	http://www.apple.com/jp/ftp-info/reference/securityupdate2007002universal.html	Trust: 0.8
title:	Security Update 2007-002 (Panther)	url:	http://www.apple.com/jp/ftp-info/reference/securityupdate2007002panther.html	Trust: 0.8

sources: JVNDB: JVNDB-2007-000121

EXTERNAL IDS

db:	SECTRACK	id:	1017661	Trust: 3.3
db:	SECUNIA	id:	24198	Trust: 3.3
db:	CERT/CC	id:	VU#836024	Trust: 3.3
db:	BID	id:	22304	Trust: 2.8
db:	NVD	id:	CVE-2007-0710	Trust: 2.8
db:	OSVDB	id:	32713	Trust: 1.7
db:	SECUNIA	id:	24479	Trust: 1.6
db:	SECTRACK	id:	1017751	Trust: 1.6
db:	SECUNIA	id:	22808	Trust: 0.9
db:	SECUNIA	id:	23088	Trust: 0.8
db:	BID	id:	21291	Trust: 0.8
db:	CERT/CC	id:	VU#346656	Trust: 0.8
db:	BID	id:	20982	Trust: 0.8
db:	CERT/CC	id:	VU#765096	Trust: 0.8
db:	SECUNIA	id:	23945	Trust: 0.8
db:	JVNDB	id:	JVNDB-2007-000121	Trust: 0.8
db:	CNNVD	id:	CNNVD-200702-343	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2007-02-15	Trust: 0.6
db:	EXPLOIT-DB	id:	3230	Trust: 0.1
db:	VULHUB	id:	VHN-24072	Trust: 0.1
db:	PACKETSTORM	id:	51846	Trust: 0.1

sources: CERT/CC: VU#346656 // CERT/CC: VU#765096 // CERT/CC: VU#836024 // VULHUB: VHN-24072 // BID: 22304 // JVNDB: JVNDB-2007-000121 // PACKETSTORM: 51846 // CNNVD: CNNVD-200702-343 // NVD: CVE-2007-0710

REFERENCES

url:	http://docs.info.apple.com/article.html?artnum=305102	Trust: 2.8
url:	http://www.securityfocus.com/bid/22304	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/836024	Trust: 2.5
url:	http://www.securitytracker.com/id?1017661	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2007/feb/msg00000.html	Trust: 1.7
url:	http://www.osvdb.org/32713	Trust: 1.7
url:	http://secunia.com/advisories/24198	Trust: 1.7
url:	http://docs.info.apple.com/article.html?artnum=305214	Trust: 1.6
url:	http://secunia.com/advisories/24479/	Trust: 1.6
url:	http://securitytracker.com/alerts/2007/mar/1017751.html	Trust: 1.6
url:	http://secunia.com/advisories/24198/	Trust: 1.6
url:	http://projects.info-pull.com/moab/moab-29-01-2007.html	Trust: 1.1
url:	http://projects.info-pull.com/mokb/mokb-09-11-2006.html	Trust: 0.9
url:	http://secunia.com/advisories/22808/	Trust: 0.9
url:	http://projects.info-pull.com/mokb/mokb-26-11-2006.html	Trust: 0.8
url:	http://projects.info-pull.com/mokb/bug-files/mokb-26-11-2006.bz2	Trust: 0.8
url:	http://secunia.com/advisories/23088/	Trust: 0.8
url:	http://www.securityfocus.com/bid/21291	Trust: 0.8
url:	http://www.securityfocus.com/bid/20982	Trust: 0.8
url:	http://secunia.com/advisories/23945/	Trust: 0.8
url:	http://www.apple.com/macosx/features/ichat/	Trust: 0.8
url:	http://developer.apple.com/networking/bonjour/index.html	Trust: 0.8
url:	http://securitytracker.com/alerts/2007/feb/1017661.html	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0710	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0710	Trust: 0.8
url:	http://www.apple.com/ichat/	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://corporate.secunia.com/products/48/?r=l	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/96/	Trust: 0.1
url:	http://corporate.secunia.com/how_to_buy/15/?r=l	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

CREDITS

LMH lmh@info-pull.com

Trust: 0.6

sources: CNNVD: CNNVD-200702-343

SOURCES

db:	CERT/CC	id:	VU#346656
db:	CERT/CC	id:	VU#765096
db:	CERT/CC	id:	VU#836024
db:	VULHUB	id:	VHN-24072
db:	BID	id:	22304
db:	JVNDB	id:	JVNDB-2007-000121
db:	PACKETSTORM	id:	51846
db:	CNNVD	id:	CNNVD-200702-343
db:	NVD	id:	CVE-2007-0710

LAST UPDATE DATE

2024-09-19T21:35:07.094000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#346656	date:	2007-03-30T00:00:00
db:	CERT/CC	id:	VU#765096	date:	2007-07-21T00:00:00
db:	CERT/CC	id:	VU#836024	date:	2007-03-16T00:00:00
db:	VULHUB	id:	VHN-24072	date:	2008-09-05T00:00:00
db:	BID	id:	22304	date:	2016-07-06T14:40:00
db:	JVNDB	id:	JVNDB-2007-000121	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200702-343	date:	2007-02-20T00:00:00
db:	NVD	id:	CVE-2007-0710	date:	2008-09-05T21:18:36.677

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#346656	date:	2007-03-14T00:00:00
db:	CERT/CC	id:	VU#765096	date:	2007-03-14T00:00:00
db:	CERT/CC	id:	VU#836024	date:	2007-02-26T00:00:00
db:	VULHUB	id:	VHN-24072	date:	2007-02-16T00:00:00
db:	BID	id:	22304	date:	2007-01-29T00:00:00
db:	JVNDB	id:	JVNDB-2007-000121	date:	2007-04-01T00:00:00
db:	PACKETSTORM	id:	51846	date:	2006-11-10T16:02:24
db:	CNNVD	id:	CNNVD-200702-343	date:	2007-01-29T00:00:00
db:	NVD	id:	CVE-2007-0710	date:	2007-02-16T19:28:00