Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Apple iChat Bonjour DoS conditions
Published:01.02.2007
Source:
SecurityVulns ID:7140
Type:client
Threat Level:
5/10
Description:Multiple problems because of insecure dynamic DNS usage.
Affected:APPLE : iChat 3.1
CVE:CVE-2007-0710 (The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.)
 CVE-2007-0614 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key.)
 CVE-2007-0613 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.)
Original documentdocumentMOAB, MOAB-29-01-2007: Apple iChat Bonjour Multiple Denial of Service Vulnerabilities (01.02.2007)
Files:basic proof of concept for Apple iChat Bonjour

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod