Apple Mac OSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow

EDB-ID:

23442


Author:

Max

Type:

dos


Platform:

OSX

Date:

2003-12-15


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/9228/info

The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun the bounds of a reserved buffer in memory. Because memory adjacent to this buffer has been reported to contain saved values that are crucial to controlling execution flow, a local attacker may potentially influence cd9660.util execution flow into attacker-supplied instructions.

./cd9660.util -p `perl -e "print 'A'x512"`