Apple Mac OS X AppleTalk Local Denial of Service

Secunia reports on yet another memory corruption vulnerability in Mac OS X that can only be exploited  by local malicious users. As we've noted many times in the past, a physically compromised Mac is an insecure Mac -- for myriad reasons, this particular flaw being one of the least. Access to secured Macs should only be granted to trusted users.

The Secunia report states:

"The vulnerability is caused due to an error when invoking "ioctl()" on an AppleTalk socket with an 'AIOCREGLOCALZN' request and can be exploited to cause a system panic.

"The vulnerability is reported on a fully patched Mac OS X (27-11-2006) running on an Intel processor. Other versions may also be affected."

For more, see this Month of Kernel Bugs advisory.

Resources