CVE-2011-1132

Current Description

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

Evaluator Description

Per: http://cwe.mitre.org/data/definitions/476.html'CWE-476: NULL Pointer Dereference'

Basic Data

PublishedJune 24, 2011
Last ModifiedOctober 27, 2011
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score4.9
SeverityMEDIUM
Exploitability Score3.9
Impact Score6.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X10.6.0*******
    2.3OSAppleMac Os X10.6.1*******
    2.3OSAppleMac Os X10.6.2*******
    2.3OSAppleMac Os X10.6.3*******
    2.3OSAppleMac Os X10.6.4*******
    2.3OSAppleMac Os X10.6.5*******
    2.3OSAppleMac Os X10.6.6*******
    2.3OSAppleMac Os X10.6.7*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X Server10.6.0*******
    2.3OSAppleMac Os X Server10.6.1*******
    2.3OSAppleMac Os X Server10.6.2*******
    2.3OSAppleMac Os X Server10.6.3*******
    2.3OSAppleMac Os X Server10.6.4*******
    2.3OSAppleMac Os X Server10.6.5*******
    2.3OSAppleMac Os X Server10.6.6*******
    2.3OSAppleMac Os X Server10.6.7*******

Vulnerable Software List

VendorProductVersions
Apple Mac Os X Server 10.6.0, 10.6.1, 10.6.2, 10.6.3, 10.6.4, 10.6.5, 10.6.6, 10.6.7
Apple Mac Os X 10.6.0, 10.6.1, 10.6.2, 10.6.3, 10.6.4, 10.6.5, 10.6.6, 10.6.7

References

NameSourceURLTags
APPLE-SA-2011-06-23-1http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.htmlAPPLEPatch Vendor Advisory
APPLE-SA-2011-10-12-1http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlAPPLE
http://support.apple.com/kb/HT4723http://support.apple.com/kb/HT4723CONFIRMPatch Vendor Advisory
http://support.apple.com/kb/HT4999http://support.apple.com/kb/HT4999CONFIRM
48422http://www.securityfocus.com/bid/48422BID