OS X 10.4 - Remote hacker automatic denial of service
Version: | 10.4.9 and prior. |
Technical Details: | A design error in the handling of type 0 routing headers in IPv6 can lead to bandwidth reduction following the receipt of malicious network traffic. The 10.4.10 update disables handling of this routing header in OS X 10.4. |
Description: |
OS X 10.4 (Tiger) has a vulnerability in the way that it handles IPv6 network traffic, particularly with the handling of various routing headers. This vulnerability, if exploited by an attacker, could lead to degraded network performance through the consumption of network bandwidth and resources. The update from Apple disables support for the vulnerable component. |
Mitigation: |
Apply OS X 10.4.10 from the Software Update application or from the Apple Downloads website at the earliest opportunity. |
Updates: |
http://www.apple.com/support/downloads/ |
Source: |
http://docs.info.apple.com/article.html?artnum=61798 |
Exploits: |
|
External Tracking Data: | CVE-ID: CVE-2007-2242 |
Social bookmark this page