CVE-2011-1132 - OpenCVE

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Apple	Mac Os X Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.1:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.2:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.3:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.4:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.5:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.6:::::::*
	cpe:2.3:o:apple:mac_os_x:10.6.7:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:apple:mac_os_x_server:10.6.0:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.1:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.2:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.3:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.4:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.5:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.6:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.6.7:::::::*

References

Link	Resource
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	Patch Vendor Advisory
http://support.apple.com/kb/HT4723	Patch Vendor Advisory
http://support.apple.com/kb/HT4999
http://www.securityfocus.com/bid/48422

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2011-06-24T20:00:00

Updated: 2011-10-18T09:00:00

Reserved: 2011-03-02T00:00:00

Link: CVE-2011-1132

JSON object: View

NVD Information

Status : Modified

Published: 2011-06-24T20:55:02.653

Modified: 2011-10-27T03:23:47.620

Link: CVE-2011-1132

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-06-23T00:00:00", "descriptions": [{"lang": "en", "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-18T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4723"}, {"name": "APPLE-SA-2011-10-12-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "APPLE-SA-2011-06-23-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "48422", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48422"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4999"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1132", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://support.apple.com/kb/HT4723", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4723"}, {"name": "APPLE-SA-2011-10-12-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "APPLE-SA-2011-06-23-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"name": "48422", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48422"}, {"name": "http://support.apple.com/kb/HT4999", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4999"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1132", "datePublished": "2011-06-24T20:00:00", "dateReserved": "2011-03-02T00:00:00", "dateUpdated": "2011-10-18T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "831C5105-6409-4743-8FB5-A91D8956202F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "0B63D169-E2AA-4315-891F-B4AF99F2753C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "1E715DFC-ADB8-43D0-9941-76BB0BE7BCF5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A1C9705A-74D4-43BA-A119-C667678F9A15", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "4BBF5FE5-4B25-47BE-8D9D-F228746408EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "8CE84A25-CEFB-4165-9498-2E4BF60E2C0E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."}, {"lang": "es", "value": "La implementaci\u00f3n de IPv6 en el n\u00facleo de Apple Mac OS X antes de v10.6.8 permite a usuarios locales provocar una denegaci\u00f3n de servicio (por un puntero a NULL y el reinicio de la m\u00e1quina) a trav\u00e9s de vectores que implican opciones de socket."}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n'CWE-476: NULL Pointer Dereference'", "id": "CVE-2011-1132", "lastModified": "2011-10-27T03:23:47.620", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-06-24T20:55:02.653", "references": [{"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT4723"}, {"source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4999"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/48422"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}