UPnP IGD: Disabled
Apple address security exploit by turning things off.
Possibly in response to the stir caused by the phantom security blog 'Infosec Sellout', Apple have in their 31 July security update disabled their Universal Plug and Play Internet Gateway Device support, aka UPnP IGD.
No information is available about Apple's intentions - whether the move is temporary or permanent.
Available for: Mac OS X v10.4.10, Mac OS X Server v10.4.10
Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution
Description: A buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in the Mac OS X implementation of mDNSResponder. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution.
This update addresses the issue by removing UPnP IGD support.
MITRE's listing for the vulnerability is empty. No information is available about who registered the CVE or about what it relates to. An exploit appearing at SecurityFocus also claimed a vulnerability but offered neither further information nor a workaround.
Name: CVE-2007-3744 (under review)
Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
The Cat Tripped
Apple's multicast DNS - of which UPnP IGD is a part - is in turn part and parcel of Apple's Bonjour - aka Rendezvous aka Zeroconf - and was created by Stuart Cheshire while working at Apple as a 'wizard without portfolio'. Cheshire had previously created Bolo, a 1987 network 'tank' game for the BBC Micro computer, later ported to the Apple Macintosh.
Cheshire is coauthor with Daniel Steinberg of Zero Configuration Networking: The Definitive Guide.
Sûnnet Beskerming: Worm Threat Forces Apple to Disable Software?