3:25 PM - OS X 10.4.10 post security patch issue
Those of you on home routers using OS X maybe in for a surprise. Apple has disabled UPNP support in the latest update for mDNSresponder. That means your router can't automatically open ports for you when using things like iChat.
-----
mDNSResponder
CVE-ID: CVE-2007-3744
Available for: Mac OS X v10.4.10, Mac OS X Server v10.4.10
Impact: An attacker on the local network may be able to cause a denial
of service or arbitrary code execution
Description: A buffer overflow vulnerability exists in the UPnP IGD
(Internet Gateway Device Standardized Device Control Protocol) code
used to create Port Mappings on home NAT gateways in the Mac OS X
implementation of mDNSResponder. By sending a maliciously crafted
packet, an attacker on the local network can trigger the overflow
which may lead to an unexpected application termination or arbitrary
code execution. This update addresses the issue by removing UPnP IGD
support. This issue does not affect systems prior to Mac OS X v10.4.
----