Priveon Labs Security Blog

 
« IE 0-day Used in Attack on Google and Other CompaniesRHEL, CSA, & IPv6 Weirdness »

Multiple BSD Distributions dtoa.c (pdtoa.c) and 'gdtoa/misc.c' Memory Corruption Vulnerability

01/12/10

Permalink 09:10:03 am, by Zach Brewer, 132 words
Categories: Security Advisories, General Security, Mac OS X

Multiple BSD Distributions dtoa.c (pdtoa.c) and 'gdtoa/misc.c' Memory Corruption Vulnerability

Several sources including SecurityFocus and SANS ISC are reporting BSD based distributions and other software, including Mac OSX 10.5 and 10.6, are vulnerable to CVE-2009-0689. The vulnerability is reported as both remotely and locally exploitable and because of the number of products that use these libraries, both the discovery of vulnerable products as well as patching efforts may be extensive.

As of this post, there is no OSX patch currently available for this vulnerability. Keep up to date on all software patches, particularly BSD based operating systems and other software identified in the CVE-2009-0689 security advisory. Additional mitigation procedures and other details will be posted as they become available.

Links:

http://isc.sans.org/diary.html?storyid=7942

http://www.securityfocus.com/bid/35510

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689

PermalinkPermalink

Priveon, Inc.

Today's complex security and networking solutions require a great deal of knowledge to successfully support and operate. Priveon uses the field experience of its expert staff to develop and maintain a positive reinforcement loop between business practices and to provide the latest information to our customers. The information posted here is supported by Priveon subject-matter experts.

Search

Categories

XML Feeds

What is RSS?

Archives

©2010 by Priveon, Inc.