Mac OS X 10.11.1 FTS Buffer Overflow
I was browsing around and found this cool little hack someone (Maksymilian Arciemowicz) found. It's pretty cool. It's a buffer overflow in Mac OS X 10.11.1 FTS.
What you're doing is making 1024 nested directories and cd'ing into each one using a for loop in bash. Then you cd back out of those 1024 directories to where you started. Then you run ls recursively with -a (include hidden entries), -l (long listing format) and -R (recursive). You won't see any output when you run it, because it's being sent to /dev/null (in case you didn't know).
When you do this it leads to a segmentation fault, which happens when a program tries to read or write an illegal portion of memory. You have just crashed the program with a buffer overflow.
There's no CVE at the time I'm writing this. I ran into this last night and took my time writing this :-D. Also the English grammar isn't the best, but you should understand it.
Luckily this isn't a remote vulnerability, but buffer overflows aren't good either and shouldn't be taken lightly. This could be a serious vulnerability: it could lead to code execution, which could lead to someone running as root. See their site for the LLDB (debug) output showing what happened in the background.
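For the defensive side, here is an added example (not from the original post or from the researcher's advisory) that audits a tree for the kind of extreme nesting described above. It walks iteratively with directory file descriptors, so it uses no recursion and never builds a long path string. The function names and the 1024 threshold are assumptions for illustration, and it assumes the tree is not being rearranged during the walk.

```python
import os
import sys

DEPTH_LIMIT = 1024  # assumed audit threshold, taken from the 1024 levels in the post
_DIR = os.O_RDONLY | os.O_DIRECTORY


def _subdirs(fd):
    """Names of real subdirectories of the open directory fd (symlinks skipped)."""
    with os.scandir(fd) as entries:
        return [e.name for e in entries if e.is_dir(follow_symlinks=False)]


def max_dir_depth(root, limit=None):
    """Deepest nesting level below root (root itself is 0).

    Iterative and fd-relative: no recursion, no path string longer than one
    component, one descriptor open at a time. Stops early once the depth
    exceeds limit, if a limit is given.
    """
    fd = os.open(root, _DIR)
    pending = [_subdirs(fd)]          # pending[i] = unvisited names at level i
    deepest = 0
    try:
        while pending:
            if pending[-1]:
                name = pending[-1].pop()
                try:
                    child = os.open(name, _DIR | os.O_NOFOLLOW, dir_fd=fd)
                except OSError:       # vanished, unreadable, or swapped for a symlink
                    continue
                os.close(fd)
                fd = child
                pending.append(_subdirs(fd))
                deepest = max(deepest, len(pending) - 1)
                if limit is not None and deepest > limit:
                    break
            else:
                pending.pop()
                if pending:           # step back up without rebuilding the path
                    parent = os.open("..", _DIR, dir_fd=fd)
                    os.close(fd)
                    fd = parent
    finally:
        os.close(fd)
    return deepest


if __name__ == "__main__":
    depth = max_dir_depth(sys.argv[1] if len(sys.argv) > 1 else ".", DEPTH_LIMIT)
    print("nesting depth:", depth, "(over limit)" if depth > DEPTH_LIMIT else "")
```

Run it against an upload area, extracted archive or shared home directory before handing that tree to recursive tools.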
Let me know what you think of this article on Twitter @martinoj2009!