CVE-2007-0299

The CVE-2007-0299 vulnerability affects Apple Mac OS X 10.4.8 where the integer overflow in the byte_swap_sbin() function of the UFS DMG handling (ufs_byte_order.c) can be triggered by mounting a crafted DMG image. This may cause an invalid pointer dereference leading to a denial-of-service (kern...

CVE-2007-0299

Integer overflow in the byteswapsbin function in bsd/ufs/ufs/ufsbyteorder.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service kernel panic by mounting a crafted Unix File System UFS DMG image, which triggers an invalid pointer dereference...

Cross site scripting

The ufslookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service kernel panic and possibly corrupt other filesystems by mounting a crafted UNIX File System UFS DMG image that contains a corrupted directory entry struct direct, related to the...

CVE-2007-0267

The CVE-2007-0267 issue affects Mac OS X 10.4.8 and FreeBSD 6.1 kernels, where the ufs_lookup function can be triggered to cause a denial of service (kernel panic) and potentially corrupt other filesystems by mounting a crafted UFS DMG image containing a corrupted directory entry (struct direct) ...

Double free

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

CVE-2007-0236

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

CVE-2007-0236

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

MOAB-12-01-2007: Apple DMG UFS ufs_lookup() Denial of Service Vulnerability

Summary A specially crafted UFS filesystem in a DMG image can cause the ufslookup function to call ufsdirbad when a corrupted directory entry is being read, leading to a kernel panic denial of service. This issue can't lead to arbitrary code execution. Affected versions This issue has been verifi...

MOAB-11-01-2007: Apple DMG UFS byte_swap_sbin() Integer Overflow Vulnerability

Summary The byteswapsbin function, one of the UFS byte swapping routines this code isn't present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems is affected by a integer overflow vulnerability, leading to an exploitable...

MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability

Summary A specially crafted HFS+ filesystem in a DMG image can cause the dohfstruncate function to panic the kernel denial of service, when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+...

Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption

Ipswitch WSFTP 2007 Professional - WSFTPURL.exe Local Memory Corruption // source: https://www.securityfocus.com/bid/22062/info Ipswitch WSFTP 2007 Professional is prone to a local memory-corruption vulnerability. This issue occurs when the 'wsbho2k0.dll' library fails to handle specially crafted...

Apple Mac OSX 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow (PoC)

Apple Mac OSX 10.4.8 - AppleTalk ATPsndrsp Heap Buffer Overflow PoC / proof of concept for moab-14-01-2007 Copyright c 2006, LMH Shout outs to: icer, kf, ilja, hd, et al. free feedback samples for public consumption: "the panic function takes a string for the reason the panic occurred. As you can...

Mac OS X 10.4.8 AppleTalk ATPsndrsp() Heap Buffer Overflow PoC

Exploit for macOS platform in category dos / poc ============================================================== Mac OS X 10.4.8 AppleTalk ATPsndrsp Heap Buffer Overflow PoC ============================================================== / proof of concept for moab-14-01-2007 Copyright c 2006, LMH...

Apple Mac OSX 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service

Apple Mac OSX 10.4.8 - DMG HFS+ DOHFSTRUNCATE Denial of Service source: https://www.securityfocus.com/bid/22042/info Apple Mac OS X is prone to a denial-of-service vulnerability when handling a DMG image containing a specially crafted HFS+ filesystem. A successful exploit can allow an attacker to...

Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service

Apple Mac OSX 10.4.8 - DMG UFS UFSLookUp Denial of Service source: https://www.securityfocus.com/bid/22036/info Apple Mac OS X is prone to a remote denial-of-service vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit...

Apple Mac OSX 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service

source: https://www.securityfocus.com/bid/22042/info Apple Mac OS X is prone to a denial-of-service vulnerability when handling a DMG image containing a specially crafted HFS+ filesystem. A successful exploit can allow an attacker to cause a kernel panic, resulting in a denial-of-service conditio...

Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow

Apple Mac OSX 10.4.8 - DMG UFS ByteSwapSbin Integer Overflow source: https://www.securityfocus.com/bid/22022/info Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploi...

Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow

source: https://www.securityfocus.com/bid/22022/info Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit can allow a remote attacker to cause kernel panic, resultin...

CVE-2006-6654

The CVE covers a vulnerability in NetBSD where the sendmsg path on 64-bit architectures can panic the kernel due to an invalid msg_controllen passed to sendit. Affected are NetBSD-current prior to 20061023, NetBSD 3.0 and 3.0.1 prior to 20061024, and NetBSD 2.x prior to 20061029. The issue is a d...

CVE-2006-6655

The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service kernel panic by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mountprocfs -...