I read the advisory for the libc/strtod(3) buffer overflow over the weekend and wondered if 10.4.11 wasn’t included simply because nobody tested, and I think I’m right. I logged in to a 10.4.11 machine in Console by entering “>console” in the Name: field of the login window. Then I logged in as my local admin account and typed “printf %1.262159f 1.1” and sure enough I was knocked out of my session back to the login window. It would appear to me that 10.4.11 is vulnerable to this overflow. Now let’s see if Apple goes back and makes a patch for 10.4.11 as well as 10.5.8 and 10.6.2. I would imagine now would be a good time for folks to remove anything older than 10.4.11 from your environment, and depending on Apple’s response you may end up moving all your 10.4.11 to 10.5.8 or 10.6.2 if they don’t issue a patch.

 

Advertisements