CVE-2003-1006

Apple Mac OS X 10.0-10.3.2 and Mac OS X Server 10.0-10.3.2 - Local Buffer Overflow via Long Command Line Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1006. PoCs published by Max.

AI-analyzed exploit summary The exploit demonstrates a local buffer overflow in cd9660.util via an overly long argument to the -p switch, potentially allowing arbitrary code execution. The PoC uses a Perl one-liner to generate a 512-byte 'A' string to trigger the overflow.

Description

Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Max · textdososx

https://www.exploit-db.com/exploits/23442

View Code ZIP pw:eip

The exploit demonstrates a local buffer overflow in cd9660.util via an overly long argument to the -p switch, potentially allowing arbitrary code execution. The PoC uses a Perl one-liner to generate a 512-byte 'A' string to trigger the overflow.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: cd9660.util (version not specified)

No auth needed

Prerequisites: Local access to the target system · cd9660.util installed

MITRE ATT&CK