Vulnerability Note VU#841742
Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability
Overview
Apple Mac OS X Point-to-Point Protocol daemon contains a format string vulnerability in the handling of invalid command line arguments.
Description
The Point-to-Point Protocol (PPP) provides a method for transmitting datagrams over serial point-to-point links. There is a format string vulnerability in the Mac OS X Point-to-Point Protocol daemon (pppd). When pppd receives an invalid command line argument, this argument is passed to the fslprintf() function. This function accepts input without properly specifying a format string. According to @stake:
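The bug class described above, shown as an added example that is not taken from pppd or from the advisory. `format_msg()` is a hypothetical stand-in for a printf-style routine such as fslprintf(), and the other function names and sample inputs are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style formatter standing in for a routine like fslprintf(). */
static int format_msg(char *buf, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(buf, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Bug pattern: the caller-supplied argument is used AS the format string. */
static int report_bad_option_unsafe(char *buf, size_t n, const char *arg)
{
    return format_msg(buf, n, arg);
}

/* Fix: constant format string; the argument is only ever data. */
static int report_bad_option_safe(char *buf, size_t n, const char *arg)
{
    return format_msg(buf, n, "%s", arg);
}

/* Audit helper: 1 if s would be parsed as containing a conversion directive. */
static int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }   /* "%%" is a literal percent */
        return 1;
    }
    return 0;
}

int main(void)
{
    char a[64], b[64];
    const char *benign = "--bogus";   /* constructed sample input */
    const char *tricky = "%x.%x";     /* constructed sample input */
    report_bad_option_unsafe(a, sizeof a, benign);
    report_bad_option_safe(b, sizeof b, benign);
    printf("benign input, identical output: %d\n", strcmp(a, b) == 0);
    report_bad_option_safe(b, sizeof b, tricky);
    printf("safe path echoes \"%s\" (directive present: %d)\n", b, has_format_directive(tricky));
    return 0;
}
```

Both paths produce the same output for ordinary input, which is why this defect tends to survive functional testing; compiling with `-Wformat -Wformat-security` flags direct printf-family calls of the unsafe form.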
Impact
The complete impact of this vulnerability is not yet known. However, exploitation may lead to the ability to read arbitrary data out of pppd's process. This data may contain CHAP or PAP authentication credentials.
Solution
Apply Patch
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Apple Computer Inc. | Affected | - | 25 Feb 2004 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.atstake.com/research/advisories/2004/a022304-1.txt
- http://www.apple.com/support/security/security_updates.html
Credit
This vulnerability was reported by Dave G. of @stake and Justin Tibbs of Secure Network Operations (SRT).
This document was written by Damon Morda.
Other Information
- CVE IDs: CAN-2004-0165
- Date Public: 24 Feb 2004
- Date First Published: 26 Feb 2004
- Date Last Updated: 26 Feb 2004
- Severity Metric: 3.90
- Document Revision: 12
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.