SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#461412

Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow

Overview

Apple Mac OS X Server servermgrd contains an unspecified buffer overflow vulnerability in the authentication handling routines. This vulnerability may lead to remote execution of arbitrary code.

I. Description

Mac OS X Server contains the servermgrd application for back-end management purposes. The authentication routines used in servermgrd contain an unspecified buffer overflow vulnerability that may allow a remote attacker to execute arbitrary code.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code.

III. Solution

Apply an update

Please see Apple Security Update 2005-007 for details on workarounds, fixes, and updates.

Systems Affected

VendorStatusDate NotifiedDate Updated
Apple Computer, Inc.Vulnerable17-Aug-2005

References


http://docs.info.apple.com/article.html?artnum=302163
http://secunia.com/advisories/16449/

Credit

Thanks to Apple Product Security for reporting this vulnerability.

This document was written by Ken MacInnis.

Other Information

Date Public:2005-08-15
Date First Published:2005-08-17
Date Last Updated:2005-08-17
CERT Advisory: 
CVE-ID(s):CAN-2005-2518
NVD-ID(s):CAN-2005-2518
US-CERT Technical Alerts: 
Metric:14.11
Document Revision:7

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2005 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader