Published: 18/11/2013 Updated: 20/11/2013

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

VMScore: 475

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.9

/* MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz cxsecuritycom/ cifrexorg/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ (CVE-2013-6799) cxsecuritycom/issue/WLB-2013110059 The HFS+ file system does not apply strict privilege rules during the creating of hard lin ...

Mac OS X version 1011 suffered from an FTS deep structure of the file system buffer overflow vulnerability ...

MacOS X 1011 suffers from a hardlink bomb issue that causes resource exhaustion ...

The MacOS X 1011 FTS library suffers from a buffer overflow vulnerability ...

Multiple vulnerabilities have been reported in HFS, including a hard linking issue that can be used to trigger a denial of service condition ...

CWE-119 http://archives.neohapsis.com/archives/bugtraq/2013-11/0033.html http://archives.neohapsis.com/archives/bugtraq/2013-11/0051.html http://cxsecurity.com/issue/WLB-2013110059 https://nvd.nist.gov https://www.exploit-db.com/exploits/32754/

CVE-2013-6799

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect