Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6276Apple MAC OS X vulnerability

CWE-1894 documents4 sources
Severity
7.8HIGHNVD
EPSS
14.0%
top 5.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedDec 7
Latest updateMay 1

Description

The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDapple/mac_os_x4 versions+3
NVDapple/mac_os_x_server4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-9fjr-c564-rwj5: The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 102022-05-01
CVEList
CVE-2007-6276: The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 102007-12-07

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)2007-12-04
CVE-2007-6276 — Apple MAC OS X vulnerability | cvebase