CVE-2013-6799
published 2013-11-18CVE-2013-6799: Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this…
PriorityP418medium4.7CVSS 2.0
AVLACMAuNCNINAC
EXPLOIT
EPSS
0.79%
51.6th percentile
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
CVSS provenance
nvdv2.04.7MEDIUMAV:L/AC:M/Au:N/C:N/I:N/A:C
vendor_redhat4.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wghh-9cwm-cgm9: Apple Mac OS X 10
ghsa_unreviewed·2022-05-17·CVSS 4.9
CVE-2013-6799 [MEDIUM] CWE-119 GHSA-wghh-9cwm-cgm9: Apple Mac OS X 10
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
Red Hat
CVE-2013-6799: Apple Mac OS X 10
vendor_redhat·CVSS 4.9
CVE-2013-6799 [MEDIUM] CVE-2013-6799: Apple Mac OS X 10
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
Statement: Not vulnerable. This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
No detection rules found.
Exploit-DB
Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow
exploitdb·2015-12-09
CVE-2015-7039 Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow
Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow
---
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow
Credit: Maksymilian Arciemowicz ( CXSECURITY )
Website:
http://cxsecurity.com/
http://cert.cx/
Affected software:
- MACOS's Commands such as: ls, find, rm
- iPhone 4s and later,
- Apple Watch Sport, Apple Watch, Apple Watch Edition and Apple Watch Hermes
- Apple TV (4th generation)
- probably more
Apple file system suffer for a issue recognised in FTS library. The main problem occur when we create deep filesystem hierarchy. Unexpected behavior of many programs and invalid memory write seems really interesting.
PoC:
Create an direcotry and perform the following actions:
# for i in {1..1024}; do mkdir B && cd B; done
...
cd: error retrievi
Exploit-DB
Apple Mac OSX 10.9 - Hard Link Memory Corruption
exploitdb·2014-04-08·CVSS 4.9
CVE-2013-6799 [MEDIUM] Apple Mac OSX 10.9 - Hard Link Memory Corruption
Apple Mac OSX 10.9 - Hard Link Memory Corruption
---
/*
MacOSX/XNU HFS Multiple Vulnerabilities
Maksymilian Arciemowicz
http://cxsecurity.com/
http://cifrex.org/
On November 8th, I've reported vulnerability in hard links for HFS+
(CVE-2013-6799)
http://cxsecurity.com/issue/WLB-2013110059
The HFS+ file system does not apply strict privilege rules during the
creating of hard links. The ability to create hard links to directories is
wrong implemented and such an issue is affecting os versions greater or
equal to 10.5. Officially Apple allows you to create hard links only for
your time machine. Vulnerability CVE-2013-6799 (incomplete fix
for CVE-2010-0105) allow to create hard link to directory and the number of
hard links may be freely high. To create N hard links, you must use a
specia
http://archives.neohapsis.com/archives/bugtraq/2013-11/0033.htmlhttp://archives.neohapsis.com/archives/bugtraq/2013-11/0051.htmlhttp://cxsecurity.com/issue/WLB-2013110059http://archives.neohapsis.com/archives/bugtraq/2013-11/0033.htmlhttp://archives.neohapsis.com/archives/bugtraq/2013-11/0051.htmlhttp://cxsecurity.com/issue/WLB-2013110059
2013-11-18
Published