2 matches found
CVE-2015-5917
The glob implementation in tnftpd formerly lukemftpd, as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service memory consumption and daemon outage via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the ..,..,../ substring...
CVE-2015-5917
CVE-2015-5917 affects Apple OS X via tnftpd (formerly Lukemftpd). The glob processing vulnerability in tnftpd can cause memory consumption and daemon outage (DoS) when handling a STAT command containing crafted {..,..,..}/* patterns, affecting OS X versions prior to 10.11. Connected sources corro...