CVE-2007-0355 – Apple Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2007-0355

Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field. Un desbordamiento de búfer en Apple Minimal SLP v2 Service Agent (slpd) en Mac OS X versión 10.4.11 y anteriores, incluyendo versión 10.4.8, permite a usuarios locales, y posiblemente a atacantes remotos, alcanzar privilegios y posiblemente ejecutar código arbitrario por medio de una petición de registro con un campo attr-list no válido. • https://www.exploit-db.com/exploits/3151 http://docs.info.apple.com/article.html?artnum=307430 http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html http://projects.info-pull.com/moab/MOAB-17-01-2007.html http://secunia.com/advisories/23796 http://securitytracker.com/id?1017533 http://securitytracker.com/id?1019359 http://www.osvdb.org/32693 http://www.securityfocus.com/bid/22101 http://www.us-cert.gov/cas/techalerts/TA08-043B.html http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •