CVE-2007-3744

Related Files

Gentoo Linux Security Advisory 201201-05

Posted Jan 23, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-5 - Multiple vulnerabilities have been found in mDNSResponder, which could lead to execution of arbitrary code with root privileges. Versions less than 212.1 are affected.

tags | advisory, arbitrary, root, vulnerability

systems | linux, gentoo

advisories | CVE-2007-2386, CVE-2007-3744, CVE-2007-3828, CVE-2008-0989, CVE-2008-2326, CVE-2008-3630

SHA-256 | e1cc1016a1c014bc7ef6bf4d1ca08c09ff348c721de3f1a2d7e5331a0be5bf0b

Download | Favorite | View

iDEFENSE Security Advisory 2007-08-07.2

Posted Aug 8, 2007

Authored by iDefense Labs, mu-b | Site idefense.com

iDefense Security Advisory 08.07.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s mDNSResponder application may allow attackers to execute arbitrary code with root privileges. The vulnerability exists within the Legacy NAT Traversal code. Unlike the core of the mDNSResponder service, this area of code does not rely on Multicast UDP. It listens on a dynamically allocated Unicast UDP port. The vulnerability occurs when parsing a malformed HTTP request. This results in an exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.4.10, Server and Workstation, with mDNSResponder version 108.5. Previous versions may also be affected.

tags | advisory, remote, web, overflow, arbitrary, root, udp

systems | apple, osx

advisories | CVE-2007-3744

SHA-256 | 6d4ffd82d1feb8bfe7a7063ef0cd7c374ce49e3b42b3308f79af1c4ab79d31a6

Download | Favorite | View