Search
Find a vulnerability
Search criteria
2 vulnerabilities found for libusbmuxd by libimobiledevice
CVE-2016-5104 (GCVE-0-2016-5104)
Vulnerability from nvd – Published: 2016-06-13 14:00 – Updated: 2024-08-06 00:53
VLAI
EPSS
VEX
Summary
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-0… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.redhat.com/show_bug.cgi?id=1339988 | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-3026-1 | vendor-advisoryx_refsource_UBUNTU |
| https://github.com/libimobiledevice/libusbmuxd/co… | x_refsource_CONFIRM |
| https://github.com/libimobiledevice/libimobiledev… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/05/26/1 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-3026-2 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2016/05/26/6 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
Date Public
2016-05-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:47.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-27T23:05:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2016:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"name": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196",
"refsource": "CONFIRM",
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"name": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e",
"refsource": "CONFIRM",
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5104",
"datePublished": "2016-06-13T14:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:53:47.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5104 (GCVE-0-2016-5104)
Vulnerability from cvelistv5 – Published: 2016-06-13 14:00 – Updated: 2024-08-06 00:53
VLAI
EPSS
VEX
Summary
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-0… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.redhat.com/show_bug.cgi?id=1339988 | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-3026-1 | vendor-advisoryx_refsource_UBUNTU |
| https://github.com/libimobiledevice/libusbmuxd/co… | x_refsource_CONFIRM |
| https://github.com/libimobiledevice/libimobiledev… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/05/26/1 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-3026-2 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2016/05/26/6 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
Date Public
2016-05-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:47.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-27T23:05:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2016:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339988"
},
{
"name": "USN-3026-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3026-1"
},
{
"name": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196",
"refsource": "CONFIRM",
"url": "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196"
},
{
"name": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e",
"refsource": "CONFIRM",
"url": "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e"
},
{
"name": "[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/1"
},
{
"name": "SUSE-SU-2016:1639",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html"
},
{
"name": "USN-3026-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3026-2"
},
{
"name": "[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/6"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html"
},
{
"name": "[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5104",
"datePublished": "2016-06-13T14:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:53:47.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}