CVE-2006-1470

Apple Mac OS X 10.4-10.4.6 - Denial of Service via Invalid LDAP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1470. PoCs published by Mu Security research.

AI-analyzed exploit summary This exploit leverages a format string vulnerability in Mac OS X's launchd to achieve local privilege escalation by overwriting memory addresses and executing arbitrary shellcode. It creates a malicious .plist file that, when loaded via launchctl, triggers the vulnerability.

Description

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mu Security research · perldososx

https://www.exploit-db.com/exploits/28135

View Code ZIP pw:eip

This exploit leverages a format string vulnerability in Mac OS X's launchd to achieve local privilege escalation by overwriting memory addresses and executing arbitrary shellcode. It creates a malicious .plist file that, when loaded via launchctl, triggers the vulnerability.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Mac OS X launchd (versions prior to 10.4.7)

No auth needed

Prerequisites: Local access to the target system · Ability to execute the Perl script · Vulnerable version of Mac OS X (pre-10.4.7)

MITRE ATT&CK