Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1236

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1236
Last Modified 18 Apr 2009 01:48:17
Published 02 Apr 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1236

Summary

Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.0

  • Apple Mac Os X 10.0.0

  • Apple Mac Os X 10.0.1

  • Apple Mac Os X 10.0.2

  • Apple Mac Os X 10.0.3

  • Apple Mac Os X 10.0.4

  • Apple Mac Os X 10.1

  • Apple Mac Os X 10.1.0

  • Apple Mac Os X 10.1.1

  • Apple Mac Os X 10.1.2

  • Apple Mac Os X 10.1.3

  • Apple Mac Os X 10.1.4

  • Apple Mac Os X 10.1.5

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.0

  • Apple Mac Os X 10.2.1

  • Apple Mac Os X 10.2.2

  • Apple Mac Os X 10.2.3

  • Apple Mac Os X 10.2.4

  • Apple Mac Os X 10.2.5

  • Apple Mac Os X 10.2.6

  • Apple Mac Os X 10.2.7

  • Apple Mac Os X 10.2.8

  • Apple Mac Os X 10.3

  • Apple Mac Os X 10.3.0

  • Apple Mac Os X 10.3.1

  • Apple Mac Os X 10.3.2

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X 10.3.4

  • Apple Mac Os X 10.3.5

  • Apple Mac Os X 10.3.6

  • Apple Mac Os X 10.3.7

  • Apple Mac Os X 10.3.8

  • Apple Mac Os X 10.3.9

  • Apple Mac Os X 10.4

  • Apple Mac Os X 10.4.0

  • Apple Mac Os X 10.4.1

  • Apple Mac Os X 10.4.10

  • Apple Mac Os X 10.4.11

  • Apple Mac Os X 10.4.2

  • Apple Mac Os X 10.4.3

  • Apple Mac Os X 10.4.4

  • Apple Mac Os X 10.4.5

  • Apple Mac Os X 10.4.6

  • Apple Mac Os X 10.4.7

  • Apple Mac Os X 10.4.8

  • Apple Mac Os X 10.4.9

  • Apple Mac Os X 10.5

  • Apple Mac Os X 10.5.0

  • Apple Mac Os X 10.5.1

  • Apple Mac Os X 10.5.2

  • Apple Mac Os X 10.5.3

  • Apple Mac Os X 10.5.4

  • Apple Mac Os X 10.5.5

  • Apple Mac Os X 10.5.6

  • Apple Mac Os X Server 10.0

  • Apple Mac Os X Server 10.0.0

  • Apple Mac Os X Server 10.0.1

  • Apple Mac Os X Server 10.0.2

  • Apple Mac Os X Server 10.0.3

  • Apple Mac Os X Server 10.0.4

  • Apple Mac Os X Server 10.1

  • Apple Mac Os X Server 10.1.0

  • Apple Mac Os X Server 10.1.1

  • Apple Mac Os X Server 10.1.2

  • Apple Mac Os X Server 10.1.3

  • Apple Mac Os X Server 10.1.4

  • Apple Mac Os X Server 10.1.5

  • Apple Mac Os X Server 10.2

  • Apple Mac Os X Server 10.2.0

  • Apple Mac Os X Server 10.2.1

  • Apple Mac Os X Server 10.2.2

  • Apple Mac Os X Server 10.2.3

  • Apple Mac Os X Server 10.2.4

  • Apple Mac Os X Server 10.2.5

  • Apple Mac Os X Server 10.2.6

  • Apple Mac Os X Server 10.2.7

  • Apple Mac Os X Server 10.2.8

  • Apple Mac Os X Server 10.3

  • Apple Mac Os X Server 10.3.0

  • Apple Mac Os X Server 10.3.1

  • Apple Mac Os X Server 10.3.2

  • Apple Mac Os X Server 10.3.3

  • Apple Mac Os X Server 10.3.4

  • Apple Mac Os X Server 10.3.5

  • Apple Mac Os X Server 10.3.6

  • Apple Mac Os X Server 10.3.7

  • Apple Mac Os X Server 10.3.8

  • Apple Mac Os X Server 10.3.9

  • Apple Mac Os X Server 10.4

  • Apple Mac Os X Server 10.4.0

  • Apple Mac Os X Server 10.4.1

  • Apple Mac Os X Server 10.4.10

  • Apple Mac Os X Server 10.4.11

  • Apple Mac Os X Server 10.4.2

  • Apple Mac Os X Server 10.4.3

  • Apple Mac Os X Server 10.4.4

  • Apple Mac Os X Server 10.4.5

  • Apple Mac Os X Server 10.4.6

  • Apple Mac Os X Server 10.4.7

  • Apple Mac Os X Server 10.4.8

  • Apple Mac Os X Server 10.4.9

  • Apple Mac Os X Server 10.5

  • Apple Mac Os X Server 10.5.0

  • Apple Mac Os X Server 10.5.1

  • Apple Mac Os X Server 10.5.2

  • Apple Mac Os X Server 10.5.3

  • Apple Mac Os X Server 10.5.4

  • Apple Mac Os X Server 10.5.5

  • Apple Mac Os X Server 10.5.6


References

BID - 34201

MILW0RM - 8262

MISC - http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181

MISC - http://www.digit-labs.org/files/exploits/xnu-appletalk-zip.c

SECUNIA - 34424


Last Updated: 27 May 2016 10:50:30