Vulnerabilities > CVE-2009-1237 - Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS. CVE-2009-1237. Dos exploit for osx platform file exploits/osx/dos/8263.c id EDB-ID:8263 last seen 2016-02-01 modified 2009-03-23 platform osx port published 2009-03-23 reporter mu-b source https://www.exploit-db.com/download/8263/ title Mac OS X xnu <= 1228.3.13 macfsstat Local Kernel Memory Leak/DoS type dos description Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC. CVE-2009-1237. Dos exploit for osx platform file exploits/osx/dos/8264.c id EDB-ID:8264 last seen 2016-02-01 modified 2009-03-23 platform osx port published 2009-03-23 reporter mu-b source https://www.exploit-db.com/download/8264/ title Mac OS X xnu <= 1228.3.13 profil Kernel Memory Leak/DoS PoC type dos
References
- http://secunia.com/advisories/34424
- http://secunia.com/advisories/34424
- http://www.digit-labs.org/files/exploits/xnu-macfsstat-leak.c
- http://www.digit-labs.org/files/exploits/xnu-macfsstat-leak.c
- http://www.digit-labs.org/files/exploits/xnu-profil-leak.c
- http://www.digit-labs.org/files/exploits/xnu-profil-leak.c
- http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181
- http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181
- http://www.securityfocus.com/bid/34202
- http://www.securityfocus.com/bid/34202
- https://www.exploit-db.com/exploits/8263
- https://www.exploit-db.com/exploits/8263
- https://www.exploit-db.com/exploits/8264
- https://www.exploit-db.com/exploits/8264