CVE-2009-2832Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
1.8%
top 17.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple MAC OS X Server
Timeline
PublishedNov 10
Latest updateMay 2

Description

Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool."

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

NVDapple/mac_os_x_server10.6.1+58

Patches

Patch: lists.apple.comPatch: support.apple.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-vmrg-crrh-jrmg: Buffer overflow in FTP Server in Apple Mac OS X before 102022-05-02
CVEList
CVE-2009-2832: Buffer overflow in FTP Server in Apple Mac OS X before 102009-11-10
CVE-2009-2832 — Apple MAC OS X Server vulnerability | cvebase