Apple.macOS.mDNSResponder.Location.Overflow
Description
This indicates an attempt to exploit a vulnerability in Apple Mac OS X.
Apple MAC OS X ships with the Bonjour system service, mDNSResponder, which listens on an ephemeral UDP port, by default. An overflow can be triggered by sending overly long data in the "Location:" header of a request to mDNSResponder. As a result, remote code execution as root may be possible.
Affected Products
Any version of MAC OS X.
Impact
Arbitrary code execution.
Recommended Actions
Currently, we are not aware of any officially supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |