CVE-2007-0613

Name of the Vulnerable Software and Affected Versions mDNSResponder in Apple Mac OS X version 10.4.8 iChat version 3.1.6 InstantMessage framework version 428 in Apple Mac OS X version 10.4.8

Description The issue is related to the Bonjour functionality in the affected software, which does not check for duplicate entries when adding newly discovered available contacts. This allows remote attackers to cause a denial of service, disrupting communication, by sending a flood of duplicate presence. tcp mDNS queries.

Recommendations For mDNSResponder in Apple Mac OS X version 10.4.8, consider restricting access to the Bonjour functionality to minimize the risk of exploitation. For iChat version 3.1.6, avoid using the InstantMessage framework until the issue is resolved. For InstantMessage framework version 428 in Apple Mac OS X version 10.4.8, as a temporary workaround, consider disabling the framework until a patch is available.