Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1235

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2009-1235
Last Modified 13 Aug 2009 01:33:16
Published 02 Apr 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-1235

Summary

XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.0

  • Apple Mac Os X 10.0.0

  • Apple Mac Os X 10.0.1

  • Apple Mac Os X 10.0.2

  • Apple Mac Os X 10.0.3

  • Apple Mac Os X 10.0.4

  • Apple Mac Os X 10.1

  • Apple Mac Os X 10.1.0

  • Apple Mac Os X 10.1.1

  • Apple Mac Os X 10.1.2

  • Apple Mac Os X 10.1.3

  • Apple Mac Os X 10.1.4

  • Apple Mac Os X 10.1.5

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.0

  • Apple Mac Os X 10.2.1

  • Apple Mac Os X 10.2.2

  • Apple Mac Os X 10.2.3

  • Apple Mac Os X 10.2.4

  • Apple Mac Os X 10.2.5

  • Apple Mac Os X 10.2.6

  • Apple Mac Os X 10.2.7

  • Apple Mac Os X 10.2.8

  • Apple Mac Os X 10.3

  • Apple Mac Os X 10.3.0

  • Apple Mac Os X 10.3.1

  • Apple Mac Os X 10.3.2

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X 10.3.4

  • Apple Mac Os X 10.3.5

  • Apple Mac Os X 10.3.6

  • Apple Mac Os X 10.3.7

  • Apple Mac Os X 10.3.8

  • Apple Mac Os X 10.3.9

  • Apple Mac Os X 10.4

  • Apple Mac Os X 10.4.0

  • Apple Mac Os X 10.4.1

  • Apple Mac Os X 10.4.10

  • Apple Mac Os X 10.4.11

  • Apple Mac Os X 10.4.2

  • Apple Mac Os X 10.4.3

  • Apple Mac Os X 10.4.4

  • Apple Mac Os X 10.4.5

  • Apple Mac Os X 10.4.6

  • Apple Mac Os X 10.4.7

  • Apple Mac Os X 10.4.8

  • Apple Mac Os X 10.4.9

  • Apple Mac Os X 10.5

  • Apple Mac Os X 10.5.0

  • Apple Mac Os X 10.5.1

  • Apple Mac Os X 10.5.2

  • Apple Mac Os X 10.5.3

  • Apple Mac Os X 10.5.4

  • Apple Mac Os X 10.5.5

  • Apple Mac Os X 10.5.6

  • Apple Mac Os X Server 10.0

  • Apple Mac Os X Server 10.0.0

  • Apple Mac Os X Server 10.0.1

  • Apple Mac Os X Server 10.0.2

  • Apple Mac Os X Server 10.0.3

  • Apple Mac Os X Server 10.0.4

  • Apple Mac Os X Server 10.1

  • Apple Mac Os X Server 10.1.0

  • Apple Mac Os X Server 10.1.1

  • Apple Mac Os X Server 10.1.2

  • Apple Mac Os X Server 10.1.3

  • Apple Mac Os X Server 10.1.4

  • Apple Mac Os X Server 10.1.5

  • Apple Mac Os X Server 10.2

  • Apple Mac Os X Server 10.2.0

  • Apple Mac Os X Server 10.2.1

  • Apple Mac Os X Server 10.2.2

  • Apple Mac Os X Server 10.2.3

  • Apple Mac Os X Server 10.2.4

  • Apple Mac Os X Server 10.2.5

  • Apple Mac Os X Server 10.2.6

  • Apple Mac Os X Server 10.2.7

  • Apple Mac Os X Server 10.2.8

  • Apple Mac Os X Server 10.3

  • Apple Mac Os X Server 10.3.0

  • Apple Mac Os X Server 10.3.1

  • Apple Mac Os X Server 10.3.2

  • Apple Mac Os X Server 10.3.3

  • Apple Mac Os X Server 10.3.4

  • Apple Mac Os X Server 10.3.5

  • Apple Mac Os X Server 10.3.6

  • Apple Mac Os X Server 10.3.7

  • Apple Mac Os X Server 10.3.8

  • Apple Mac Os X Server 10.3.9

  • Apple Mac Os X Server 10.4

  • Apple Mac Os X Server 10.4.0

  • Apple Mac Os X Server 10.4.1

  • Apple Mac Os X Server 10.4.10

  • Apple Mac Os X Server 10.4.11

  • Apple Mac Os X Server 10.4.2

  • Apple Mac Os X Server 10.4.3

  • Apple Mac Os X Server 10.4.4

  • Apple Mac Os X Server 10.4.5

  • Apple Mac Os X Server 10.4.6

  • Apple Mac Os X Server 10.4.7

  • Apple Mac Os X Server 10.4.8

  • Apple Mac Os X Server 10.4.9

  • Apple Mac Os X Server 10.5

  • Apple Mac Os X Server 10.5.0

  • Apple Mac Os X Server 10.5.1

  • Apple Mac Os X Server 10.5.2

  • Apple Mac Os X Server 10.5.3

  • Apple Mac Os X Server 10.5.4

  • Apple Mac Os X Server 10.5.5

  • Apple Mac Os X Server 10.5.6


References

CERT - TA09-218A

VUPEN - ADV-2009-2172

VUPEN - ADV-2009-0822

SECTRACK - 1022671

BID - 34203

MILW0RM - 8266

MISC - http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181

MISC - http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.sh

MISC - http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.c

CONFIRM - http://support.apple.com/kb/HT3757

SECUNIA - 36096

SECUNIA - 34424

APPLE - APPLE-SA-2009-08-05-1

Related Patches

Apple 2009-08-31 Mac OS X Server 10.5.8 v1.1 Update (See Note)

Apple 2009-08-31 Mac OS X Server 10.5.8 v1.1 Combo Update (See Note)


Last Updated: 27 May 2016 10:50:30