• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Apple Mac OS X TruBlueEnvironment Local Buffer Overflow Vulnerability

Severity: HIGH

Description:

TruBlueEnvironment is a component of the Mac OS Classic emulator that is shipped and installed by default as a part of Mac OS X.

TruBlueEnvironment has been reported prone to a local buffer overflow vulnerability. The issue has been reported to exist due to a lack of sufficient boundary checks performed on data contained in Environment variables, before they are copied into a reserved buffer in TruBlueEnvironment stack based memory.

A local attacker may exploit this vulnerability by specifying a value for the affected environment variable that exceeds the size of the reserved buffer in TruBlueEnvironment memory. Excessive data that is supplied in this manner will overrun the boundary of the reserved buffer and will corrupt adjacent memory. Ultimately this may allow a local attacker to overwrite sensitive values that are required to control TruBlueEnvironment execution flow. In doing so the attacker may influence TruBlueEnvironment execution flow into attacker supplied instructions. Because TruBlueEnvironment is setuid root, these instructions will be executed with root privileges.

It should be noted that this vulnerability was originally described as an unspecified issue in 9504. It is now being assigned a unique BID.

Affected Products:

• Apple Mac OS X 10.1.0
• Apple Mac OS X 10.1.1
• Apple Mac OS X 10.1.2
• Apple Mac OS X 10.1.3
• Apple Mac OS X 10.1.4
• Apple Mac OS X 10.1.5
• Apple Mac OS X 10.2.0
• Apple Mac OS X 10.2.1
• Apple Mac OS X 10.2.2
• Apple Mac OS X 10.2.3
• Apple Mac OS X 10.2.4
• Apple Mac OS X 10.2.5
• Apple Mac OS X 10.2.6
• Apple Mac OS X 10.2.7
• Apple Mac OS X 10.2.8
• Apple Mac OS X 10.3.0
• Apple Mac OS X 10.3.1
• Apple Mac OS X 10.3.2
• Apple Mac OS X Server 10.1.0
• Apple Mac OS X Server 10.1.1
• Apple Mac OS X Server 10.1.2
• Apple Mac OS X Server 10.1.3
• Apple Mac OS X Server 10.1.4
• Apple Mac OS X Server 10.1.5
• Apple Mac OS X Server 10.2.0
• Apple Mac OS X Server 10.2.1
• Apple Mac OS X Server 10.2.2
• Apple Mac OS X Server 10.2.3
• Apple Mac OS X Server 10.2.4
• Apple Mac OS X Server 10.2.5
• Apple Mac OS X Server 10.2.6
• Apple Mac OS X Server 10.2.7
• Apple Mac OS X Server 10.2.8
• Apple Mac OS X Server 10.3.0
• Apple Mac OS X Server 10.3.1
• Apple Mac OS X Server 10.3.2

References:

• @stake: TruBlueEnvironment Buffer Overflow

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.