Name | mu |
CVE | CVE-2007-3744 |
Exploit Pack | CANVAS |
Description | MacOS X 10.4 mDNSResponder UPNP Remote Root Exploit |
Notes | CVE Name: CVE-2007-3744 Notes: If the target port is not specified, it will be located automatically. This exploit will attempt to bypass the built-in OS X firewall by sending packets from port 5353. Hence, it currently only works from a LocalNode. If you're testing on your own box, and you crash mDNS, by picking the wrong version, you can find the new port via: netstat -an | grep udp4 It will likely be 49XXX or 5XXXX. This exploit does not work FROM an OS X machine due to UDP packet size limits. Sorry! VENDOR: Apple CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3744 CVSS: 5.8 |
Learn more about the CANVAS Exploit Pack here: CANVAS |