Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6276

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-6276
Last Modified 18 Jul 2011 12:00:00
Published 07 Dec 2007 06:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6276

Summary

The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.5

  • Apple Mac Os X 10.5.1

  • Apple Mac Os X 10.5.2

  • Apple Mac Os X 10.5.3

  • Apple Mac Os X Server 10.5

  • Apple Mac Os X Server 10.5.1

  • Apple Mac Os X Server 10.5.2

  • Apple Mac Os X Server 10.5.3


References

XF - macos-vpnd-dos(38855)

VUPEN - ADV-2008-1981

VUPEN - ADV-2007-4145

SECTRACK - 1019052

BID - 26699

MILW0RM - 4690

CONFIRM - http://support.apple.com/kb/HT2163

SECUNIA - 30802

SECUNIA - 27938

APPLE - APPLE-SA-2008-06-30

Related Patches

Apple 2008-06-30 Mac OS X Server 10.5.4 Combo Update

Apple 2008-06-30 Mac OS X 10.5.4 Update

Apple 2008-06-30 Mac OS X Server 10.5.4 Update

Apple 2008-06-30 Mac OS X 10.5.4 Combo Update


Last Updated: 27 May 2016 10:46:26