Vulnerability Tutorial - Apple Filing Protocol
  Created: 05/13/04     (RED light) CVE 2004-0430
 		 
Impact
A remote attacker could execute arbitrary commands with root privileges, thereby taking complete control of the vulnerable computer.
Background
The Apple Filing Protocol (AFP) allows Mac OS users to share files over a network. It is analogous to the SMB protocol on Microsoft Windows operating systems. It is implemented by the AppleFileServer application, which listens for connections on TCP port 548 whenever the Personal File Sharing box is checked in the Sharing Preferences.
The Problem
A buffer overflow condition in the parsing of the PathName argument when using the Cleartext Password authentication method could allow a remote attacker to execute arbitrary commands. Since the buffer overflow occurs before authentication, an attacker would not need to know a valid account name and password in order to exploit the vulnerability.

Mac OS versions 10.2.8 through 10.3.3 are affected by this vulnerability.

Resolution
Install Mac OS security update 2004-05-03, or deselect the Personal File Sharing box in the Sharing Preferences.
More Information
This vulnerability was reported in an @stake security advisory.