| Vulnerability Name: | CVE-2010-1794 (CCN-60670) |
| Assigned: | 2010-07-26 |
| Published: | 2010-07-26 |
| Updated: | 2018-10-10 |
| Summary: | The webdav_mount function in webdav_vfsops.c in the WebDAV kernel extension (aka webdav_fs.kext) for Mac OS X 10.6 allows local users to cause a denial of service (panic) via a mount request with a large integer in the pa_socket_namelen field.
|
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)| Exploitability Metrics: | Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Low |
|
| CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:U/RC:UR)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete |
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial |
|
| Vulnerability Type: | CWE-264
|
| Vulnerability Consequences: | Denial of Service |
| References: | Source: CCN
Type: BugTraq Mailing List, Mon Jul 26 2010
Mac OS X WebDAV kernel extension local denial-of-service
Source: CCN
Type: Full-Disclosure Mailing List, Mon Jul 26 2010
Mac OS X WebDAV kernel extension local denial-of-service
Source: MITRE
Type: CNA
CVE-2010-1794
Source: CCN
Type: SA40674
Apple Mac OS X WebDAV Kernel Extension Local Denial of Service
Source: CCN
Type: SECTRACK ID: 1024250
Mac OS X WebDAV Memory Allocation Error Lets Local Users Deny Service
Source: SECTRACK
Type: UNKNOWN
1024250
Source: CCN
Type: Apple Web site
Apple Mac OS X
Source: CCN
Type: OSVDB ID: 66824
Apple Mac OS X WebDAV Kernel Extension webdav_vfsops.c webdav_mount Function Local DoS
Source: BUGTRAQ
Type: UNKNOWN
20100726 Mac OS X WebDAV kernel extension local denial-of-service
Source: BID
Type: UNKNOWN
41958
Source: CCN
Type: BID-41958
Apple Mac OS X WebDAV Kernel Extension Local Denial Of Service Vulnerability
Source: XF
Type: UNKNOWN
macos-webdavmount-dos(60670)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.2:2008-002:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*AND cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |