Mac OS X 10.4.x < 10.4.10 IPv6 Type 0 Route Headers DoS

high Nessus Plugin ID 25554

Synopsis

The remote host is missing a Mac OS X update which fixes a security issue.

Description

The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.10.

This update a security fix for IPv6 type 0 routing headers, which might be abused by an attacker to consume excessive bandwidth.

Solution

Upgrade to Mac OS X 10.4.10 :

http://docs.info.apple.com/article.html?artnum=305533

See Also

http://www.nessus.org/u?c1a804bf

Plugin Details

Severity: High

ID: 25554

File Name: macosx_10_4_10.nasl

Version: 1.20

Type: combined

Agent: macosx

Published: 6/21/2007

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.4

Exploit Ease: No known exploits are available

Patch Publication Date: 6/19/2007

Vulnerability Publication Date: 4/24/2007

Reference Information

CVE: CVE-2007-2242

BID: 23615