How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

Check Point Advisories

Preemptive Protection agains Apple Open Directory Denial of Service Vulnerability

Check Point Reference: CPAI-2006-091
Date Published: 19 Jul 2006
Severity: Medium
Last Updated: 15 May 2007
Source: MU Security
Industry Reference:CVE-2006-1470
US-CERT VU#652196
Protection Provided by:
Who is Vulnerable? OSX 10.4.4 through 10.4.6
Vulnerability Description The OpenLDAP software allows LDAP-aware programs on a network to get information from a server. Apple uses OpenLDAP as a part of their Open Directory product. An error in the implementation of OpenLDAP may allow a remote attacker with the ability to send a malformed LDAP request to cause Open Directory server to crash.
Update/Patch AvaliableUpgrade to OSX 10.4.7 at:
http://docs.info.apple.com/article.html?artnum=61798
Vulnerability DetailsAn assertion error exists in the implementation of Open-LDAP. An attacker may send a malformed LDAP message which triggers the assertion and cause a denial-of-service condition.

Protection Overview