CVE-2007-0267

Mac OS X 10.4.8 - Denial of Service via Crafted UFS DMG Image

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0267. PoCs published by LMH.

AI-analyzed exploit summary This is a writeup describing a remote denial-of-service vulnerability in Apple Mac OS X due to improper handling of crafted DMG images by the UFS filesystem handler. The vulnerability can cause a kernel panic, leading to a DoS condition.

Description

The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct direct), related to the ufs_dirbad function. NOTE: a third party states that the FreeBSD issue does not cross privilege boundaries.

Exploits (1)

exploitdb WRITEUP VERIFIED

by LMH · textdososx

https://www.exploit-db.com/exploits/29452

View Code ZIP pw:eip

This is a writeup describing a remote denial-of-service vulnerability in Apple Mac OS X due to improper handling of crafted DMG images by the UFS filesystem handler. The vulnerability can cause a kernel panic, leading to a DoS condition.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Apple Mac OS X 10.4.8

No auth needed

Prerequisites: A crafted DMG image

MITRE ATT&CK