10 December 2007 @ 17:45Leopard Integer Overflow

Heise Security is reporting that a vulnerability has been found in the load_threadstack function in mach_loader.c when processing Mach-O binaries, which can lead to a kernel panic.

Single user systems should not be at risk as the bug can only be exploited by users logged onto a system. The bug does, however, represent a problem on multi-user systems, as an attacker does not require any special privileges to provoke this error. The vulnerability is present in Mac OS X 10.5, 10.5.1 and 10.4.11. No patch is presently available, but an exploit for testing is.

Be Sociable, Share!

by | Add a comment | Posted in exploits, leopard | Link to this

Add a Comment

Show who you are with a Gravatar.

 

Sign up for PayPal and start accepting credit card payments instantly.

Staples Logo

Get fed!

rss icon subscribe to Geek stuff

rss icon Geek stuff in your inbox

Add the "Geek stuff" Google Gadget to your homepage

Add the "Daily Deals" Google Gadget to your homepage

Apparel

Search Amazon

Search Amazon.com
Search Amazon.co.uk

Recent Forum Topics

    Advert

    Web hosting by ICDSoft