| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: subversive at linuxmail.org (subversive )
Subject: OS X DirectoryService DoS {@...ke adv:
a041003-1}
Neeko Oni wrote:
>Ok, the PATH problem is self-explanatory (and has been exploited once
the DirectoryService process has crashed) but I've had some difficulty
>reproducing the DoS attack claim. I've got a 10.2.4 machine sitting
>right next to me, I believe it's a stock install, but DirectoryService
>doesn't bind 625. DirectoryService doesn't bind any ports and
>furthermore nothing binds 625 at all.
>
>Has anyone reproduced the DoS in that advisory?
I also read the advisory and of the two MacOS machines that I am able
to access (only one locally) I can confirm that on the machine that
I don't have local access there was a daemon running on port 625 and
as the advisory states I was able to reproduce the DoS attack. I'm
not sure exactly which version of MacOS X that machine was running
but the daemon did crash and and refuse connection.
On the machine that I know for a fact is 10.2.4 and have local access to,
DirectoryService was setuid root and was running but there was no port
625 open. I haven't port scanned the machine to check other ports yet
so i'm not ruling out the possibility its running on a different port
just yet.
Has anyone else looked into this matter... ?
-subversive
--
______________________________________________
http://www.linuxmail.org/
Now with e-mail forwarding for only US$5.95/yr
Powered by Outblaze
Powered by blists - more mailing lists