Skip to content. | Skip to navigation

Sections

Personal tools

What is this?: Hi, my name is Tom Lazar and I'm a Plone and Zope developer based in Berlin, Germany and this is my personal and professional (no big difference, really...) website.

Search: Advanced Search…

DoS vulnerability in OS X Server Admin

Tag Cloud: 24c3 apache archipelago-sprint atom bittorrent bizniz blogging blueprintcss cache-fu chaos cooking css cyrus datenschleuder deliverance exim family freebsd funny geek general google code health hints humour internals ipython jquery ldap life linguaplone linux macintosh metablogging microsoft-esse-delendam moinmoin music musings nginx note-to-myself piktipi-sprint plone plone-sites ploneconf-2005 ploneconf2007 ploneperfbristol2008 podcasting politics python quicksilver quills rant rebloggeria repoze snowsprint3 spam st-augustin-sprint tdd testing textmate trac transmission twitter ubuntu varnish web development wiki wsgi xml zope

Weblog Archive

Year 2003
- November (5)
- December (38)

Year 2004

Year 2005

Year 2006
- January (7)
- February (11)
- March (2)
- April (9)
- May (4)
- June (4)
- July (3)
- August (8)
- September (5)
- October (11)
- November (3)

Year 2007

Year 2008

Quills

DoS vulnerability in OS X Server Admin

Filed Under:

macintosh

Security Alert

Haven't seen this anywhere else yet (except at macnews.de), so might as well post it here.

According to the bulletin, there is a buffer-overflow vulnerability in the code that listens on port 660 (i.e. for Workspace Manager and Server Admin) that can lead to a server restart or, even worse to execution of arbitrary code.

I've shut down port 660 on all my publicly reachable systems...

Twitter updates

follow me on twitter

Recent Comments: FileMaker ODBC engine is buggy; daemon; Re: Response to Filemaker sucks (tomster); Response to Filemaker sucks; Thanks; Markdown and Textile is not all there is ...; linux --sbin-path; a bad tool by any other name..; An alternative; Nginx is old; Dojo & Plone; Groups Information; interesting. haven't tried groups, actually (tomster); Mac OS X Server LDAP Groups; Oh yes, it DOES suck!

Recent Entries: Bristol Plone Performance Sprint Day #1; Windmill for Browser testing; lxml on Mac OS X; Netboot installing Ubuntu on a SunFire X2200; blueprint css + jquery; Connecting Plone to Mac OS X Server with LDAP; nginx + mod_wsgi + python2.4; Today is Naked CSS Day; Deliverance á la WSGI for Plone; Using the OKI C9800 on a Mac; URL-dependent skinswitching in Plone 3; Site wide maintenance message; nginx and varnish on Mac OS X; Chaosradio Express on Plone and Zope; The state of the Union^WLinguaPlone

Technorati: Add to Technorati Favorites

Recent Entries: Bristol Plone Performance Sprint Day #1; Windmill for Browser testing; lxml on Mac OS X; Netboot installing Ubuntu on a SunFire X2200; blueprint css + jquery

Recent Comments: FileMaker ODBC engine is buggy; daemon; Re: Response to Filemaker sucks (tomster); Response to Filemaker sucks; Thanks

Weblog Authors: admin; Tom Lazar

Location: Berlin, Germany