Immunity, Inc.
Name mu
CVE CVE-2007-3744
Exploit Pack CANVAS
DescriptionMacOS X 10.4 mDNSResponder UPNP Remote Root Exploit
NotesCVE Name: CVE-2007-3744
Notes: If the target port is not specified, it will be located automatically.
This exploit will attempt to bypass the built-in OS X firewall by sending packets
from port 5353. Hence, it currently only works from a LocalNode.

If you're testing on your own box, and you crash mDNS, by picking the wrong
version, you can find the new port via: netstat -an | grep udp4

It will likely be 49XXX or 5XXXX.

This exploit does not work FROM an OS X machine due to UDP packet size limits. Sorry!

VENDOR: Apple
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3744
CVSS: 5.8

Learn more about the CANVAS Exploit Pack here: CANVAS