Check Point Advisories

Preemptive Protection agains Apple Open Directory Denial of Service Vulnerability

Check Point Reference: CPAI-2006-091
Date Published: 19 Jul 2006
Severity: Medium
Last Updated: 15 May 2007
Source: MU Security
Industry Reference:CVE-2006-1470
US-CERT VU#652196
Protection Provided by:
Who is Vulnerable? OSX 10.4.4 through 10.4.6
Vulnerability Description The OpenLDAP software allows LDAP-aware programs on a network to get information from a server. Apple uses OpenLDAP as a part of their Open Directory product. An error in the implementation of OpenLDAP may allow a remote attacker with the ability to send a malformed LDAP request to cause Open Directory server to crash.
Update/Patch AvaliableUpgrade to OSX 10.4.7 at:
http://docs.info.apple.com/article.html?artnum=61798
Vulnerability DetailsAn assertion error exists in the implementation of Open-LDAP. An attacker may send a malformed LDAP message which triggers the assertion and cause a denial-of-service condition.

Protection Overview

This website uses cookies to ensure you get the best experience. More Info Got it, Thanks!