Apple.macOS.mDNSResponder.Location.Overflow

description-logoDescription

This indicates an attempt to exploit a vulnerability in Apple Mac OS X.
Apple MAC OS X ships with the Bonjour system service, mDNSResponder, which listens on an ephemeral UDP port, by default. An overflow can be triggered by sending overly long data in the "Location:" header of a request to mDNSResponder. As a result, remote code execution as root may be possible.

affected-products-logoAffected Products

Any version of MAC OS X.

Impact logoImpact

Arbitrary code execution.

recomended-action-logoRecommended Actions

Currently, we are not aware of any officially supplied fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)