ISS X-Force Database: macosx-system-call-dos(24682): Apple Mac OS X undocumented system call denial of service

Apple Mac OS X undocumented system call denial of service

macosx-system-call-dos (24682)

Low Risk

Description:

Apple Mac OS X is vulnerable to a denial of service attack. A local attacker could exploit this vulnerability to cause the system to crash by invoking an undocumented system call.

Platforms Affected:

Apple, Mac OS X 10.4.4
Apple, Mac OS X Server 10.4.4

Remedy:

Upgrade to the latest version of Mac OS X or Mac OS X Server (10.4.5 or later), available from the Apple Support Web site. See References.

Consequences:

Denial of Service

References:

Apple KnowledgeBase Article 303159, About Mac OS X Server 10.4.5 Update at http://docs.info.apple.com/article.html?artnum=303159.
Apple security-announce Mailing List, Tue, 14 Feb 2006 13:43:12 -0800, APPLE-SA-2006-02-14 Mac OS X v10.4.5 at http://lists.apple.com/archives/security-announce/2006/Feb/msg00000.html.
Apple Support Web site, Apple Downloads at http://www.apple.com/support/downloads/.
BID-16654: Apple Mac OS X Undocumented System Call Local Denial Of Service Vulnerability
CVE-2006-0382: Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call.
OSVDB ID: 23190: Mac OS X Kernel Undocumented System Call Local DoS
SA18907: Mac OS X Kernel Local Denial of Service Vulnerability
SECTRACK ID: 1015634: Mac OS X Undocumented System Call Lets Local Users Deny Service
VUPEN/ADV-2006-0597: Apple Mac OS X Unspecified System Call Denial of Service Vulnerability

Reported:

Feb 14, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page