Vulnerabilities > CVE-2011-3259 - Resource Management Errors vulnerability in Apple TV and Iphone OS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resource consumption) by making many connection attempts.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
- http://support.apple.com/kb/HT4999
- http://support.apple.com/kb/HT5001
- http://www.securityfocus.com/bid/50087
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70530