ID CVE-2016-1757
Summary Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
References
Vulnerable Configurations
  • Apple Mac OS X 10.11.3
    cpe:2.3:o:apple:mac_os_x:10.11.3
  • Apple iPhone OS 9.2.1
    cpe:2.3:o:apple:iphone_os:9.2.1
CVSS
Base: 9.3 (as of 24-03-2016 - 17:09)
Impact:
Exploitability:
CWE CWE-362
CAPEC
  • Leveraging Race Conditions
    This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
  • Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description Mach Race OS X Local Privilege Escalation Exploit. CVE-2016-1757. Local exploit for osx platform
    file exploits/osx/local/39741.txt
    id EDB-ID:39741
    last seen 2016-04-27
    modified 2016-04-27
    platform osx
    port
    published 2016-04-27
    reporter fG!
    source https://www.exploit-db.com/download/39741/
    title Mach Race OS X Local Privilege Escalation Exploit
    type local
  • description OS X / iOS Suid Binary Logic Error Kernel Code Execution. CVE-2016-1757. Local exploits for multiple platform
    file exploits/multiple/local/39595.txt
    id EDB-ID:39595
    last seen 2016-03-23
    modified 2016-03-23
    platform multiple
    port
    published 2016-03-23
    reporter Google Security Research
    source https://www.exploit-db.com/download/39595/
    title OS X / iOS Suid Binary Logic Error Kernel Code Execution
    type local
nessus via4
NASL family MacOS X Local Security Checks
NASL id MACOSX_10_11_4.NASL
description The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppleRAID - AppleUSBNetworking - Bluetooth - Carbon - dyld - FontParser - HTTPProtocol - Intel Graphics Driver - IOFireWireFamily - IOGraphics - IOHIDFamily - IOUSBFamily - Kernel - libxml2 - Messages - NVIDIA Graphics Drivers - OpenSSH - OpenSSL - Python - QuickTime - Reminders - Ruby - Security - Tcl - TrueTypeScaler - Wi-Fi Note that successful exploitation of the most serious issues can result in arbitrary code execution.
last seen 2018-09-01
modified 2018-07-14
plugin id 90096
published 2016-03-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=90096
title Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities
refmap via4
apple
  • APPLE-SA-2016-03-21-1
  • APPLE-SA-2016-03-21-5
confirm
misc https://bugs.chromium.org/p/project-zero/issues/detail?id=676
sectrack 1035353
the hacker news via4
id THN:C3AFFC6B0CE7522BE2D27FFC61B25B88
last seen 2018-01-27
modified 2016-03-25
published 2016-03-24
reporter Swati Khandelwal
source https://thehackernews.com/2016/03/system-integrity-protection.html
title Mac OS X Zero-Day Exploit Can Bypass Apple's Latest Protection Feature
Last major update 02-12-2016 - 22:22
Published 23-03-2016 - 21:59
Back to Top