Intrusion Prevention

Apple.macOS.mDNSResponder.Location.Overflow

Description

This indicates an attempt to exploit a vulnerability in Apple Mac OS X.
Apple MAC OS X ships with the Bonjour system service, mDNSResponder, which listens on an ephemeral UDP port, by default. An overflow can be triggered by sending overly long data in the "Location:" header of a request to mDNSResponder. As a result, remote code execution as root may be possible.

Affected Products

Any version of MAC OS X.

Impact

Arbitrary code execution.

Recommended Actions

Currently, we are not aware of any officially supplied fix for this issue.

CVE References

CVE-2007-2386