Back to search
CVE-2015-5917
Published: Oct 9, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1033703
vdb-entry
x_refsource_SECTRACK
https://www.youtube.com/watch?v=MBK4QYkUm10
x_refsource_MISC
https://cxsecurity.com/issue/WLB-2013040082
x_refsource_MISC
APPLE-SA-2015-09-30-3
vendor-advisory
x_refsource_APPLE
https://support.apple.com/HT205267
x_refsource_CONFIRM
76908
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now