CVE-2008-0990

Name of the Vulnerable Software and Affected Versions Apple Mac OS X version 10.4.11

Description The issue concerns a problem where notifyd in Apple Mac OS X does not verify the origin of Mach port death notifications. This allows local users to cause a denial of service by sending spoofed death notifications, which in turn prevents other applications from receiving notifications.

Recommendations For Apple Mac OS X version 10.4.11, consider restricting access to the Mach port death notifications until a fix is available. As a temporary workaround, disabling the reception of death notifications from unverified sources may help minimize the risk of exploitation.