Denial of Service Vulnerability in Apple Mac OS X Bonjour Functionality
CVE-2007-0613

Currently unrated

Key Information:

Vendor: Apple
Status: Instant Message Framework; Ichat; Mdnsresponder
Vendor: CVE Published:; 31 January 2007

Summary

The Bonjour feature in the mDNSResponder component of Apple's Mac OS X 10.4.8, including iChat 3.1.6 and InstantMessage framework, fails to validate new contact entries. This oversight permits remote attackers to exploit the system by sending an overwhelming number of duplicate mDNS queries, which can lead to communication failures. Users may experience significant disruptions as the system struggles to process these repeated requests, indicating a severe flaw in the management of contact entries.

References

http://www.osvdb.org/32698

vdb-entryx_refsource_OSVDB

http://projects.info-pull.com/moab/MOAB-29-01-2007.html

x_refsource_MISC

http://www.securityfocus.com/bid/22304

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jan 31, 2007
Vulnerability Reserved
Jan 30, 2007