{"vuid":"VU#765096","idnumber":"765096","name":"Mac OS X kernel \"fpathconf()\" syscall fails to properly handle unknown file types","keywords":["Mac","OS X","kernel","DoS","denial of service \"fpathconf()\" syscall fails to properly handle unknown file types","apple_2007-003"],"overview":"A vulnerability in the Mac OS X kernel could allow an authenticated local attacker to cause a denial of service.","clean_desc":"The fpathconf() system call provides a method for applications to determine the current value of a configurable system limit or option variable associated with a file descriptor. The version of fpathconf() provided with the Apple Mac OS X kernel (XNU) is programmed to panic when it is passed file descriptors associated with types it cannot otherwise handle, such as semaphore descriptors returned by the sem_open() system call for named semaphores.","impact":"An authenticated local attacker could cause the affected system to crash due to a kernel panic. This condition results in a denial of service.","resolution":"Apply a patch from the vendor. Apple has published Mac OS X 10.4.9 for Mac OS X 10.4 (Tiger) systems and Security Update 2007-003 for Mac OS X 10.3 (Panther) systems in response to this issue. Users are encouraged to review Apple Support Article ID 305214 and apply the appropriate update for their system.","workarounds":"","sysaffected":"","thanks":"This vulnerability was published by LMH as part of the Month of Kernel Bugs project.\nIlja van Sprundel is credited with the discovery of this issue.","author":"This document was written by Chad R Dougherty.","public":["http://projects.info-pull.com/mokb/MOKB-09-11-2006.html","http://secunia.com/advisories/22808/","http://docs.info.apple.com/article.html?artnum=305214","http://secunia.com/advisories/24479/","http://securitytracker.com/alerts/2007/Mar/1017751.html","http://www.securityfocus.com/bid/20982"],"cveids":["CVE-2006-5836"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-11-09T14:11:06Z","publicdate":"2006-11-09T00:00:00Z","datefirstpublished":"2007-03-14T02:29:34Z","dateupdated":"2007-07-21T02:54:48Z","revision":10,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"2","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"15","cam_impact":"8","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"5.175","cam_scorecurrentwidelyknown":"5.175","cam_scorecurrentwidelyknownexploited":"9.675","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.175,"vulnote":null}