Denial of Service Vulnerability in Libc Affecting FreeBSD, NetBSD, OpenBSD, and Apple Mac OS X
CVE-2010-4754
Currently unrated
Summary
The glob implementation in libc on FreeBSD, NetBSD, OpenBSD, and Apple Mac OS X allows remote authenticated users to exhaust system resources. By crafting glob expressions that do not match any pathnames, an attacker can cause excessive CPU and memory consumption. This can significantly disrupt services, particularly when the expressions are sent to FTP daemons, and results in a denial of service.
Timeline
Vulnerability published
Vulnerability Reserved