Vulnerability Note VU#776628
Apple Mac OS X bootpd vulnerable to stack-based buffer overflow
A buffer overflow vulnerability in the Apple Mac OS X bootp daemon may allow an attacker to execute arbitrary code on an affected system.
The bootp daemon (bootpd) is used to send clients network and IP address configuration settings. It can also work in combination with a TFTP server to transfer an operating system image to diskless clients.
An attacker may be able to execute arbitrary code with root privileges on the affected system.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer, Inc.||Unknown||02 Aug 2006||02 Aug 2006|
CVSS Metrics (Learn More)
Thanks to Apple Product Security for reporting this vulnerability.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2006-3498
- Date Public: 01 Aug 2006
- Date First Published: 02 Aug 2006
- Date Last Updated: 03 Aug 2006
- Severity Metric: 0.13
- Document Revision: 32
If you have feedback, comments, or additional information about this vulnerability, please send us email.