{"vuid":"VU#354486","idnumber":"354486","name":"Apple Mac OS X Server NetInfo Setup Tool fails to validate command line parameters","keywords":["Apple","Mac OS X Server","Netinfo Setup Tool","NeST","NetInfo","-target","buffer overflow","apple_security_update_2005_005"],"overview":"Apple Mac OS X Server NeST tool contains a vulnerability in the processing of command line arguments that could allow an attacker to execute arbitrary code.","clean_desc":"NeST is the NetInfo Setup Tool for Apple Mac OS X Server. There is a buffer overflow vulnerability in the way NeST performs bounds checking on command line arguments. By supplying the -target command line parameter with an overly long string of characters, a local user could execute arbitrary code on the system with privileges of the NeST process. Please note that NeST executes with root privileges.","impact":"A local user could execute arbitrary code with privileges of the NeST process, possibly root.","resolution":"Apply Update Apple has released Apple Security update 2005-005 to correct this issue.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by iDEFENSE Labs who acknowledges Nico for providing information concerning this vulnerability.","author":"This document was written by Jeff Gennari.","public":["http://www.idefense.com/application/poi/display?id=239","http://secunia.com/advisories/15227/","http://docs.info.apple.com/article.html?artnum=301528"],"cveids":["CVE-2005-0594"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-05-04T16:56:07Z","publicdate":"2005-05-03T00:00:00Z","datefirstpublished":"2005-05-16T14:51:53Z","dateupdated":"2005-05-17T16:00:21Z","revision":24,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"19","cam_impact":"15","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"10.6875","cam_scorecurrentwidelyknown":"13.359375","cam_scorecurrentwidelyknownexploited":"24.046875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.6875,"vulnote":null}