Unrated severity · NVD Advisory · Published Oct 9, 2015 · Updated May 6, 2026

CVE-2015-7760

Description

libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

libxpc in launchd on OS X before 10.11 does not restrict process creation for SSH connections, enabling remote attackers to cause a denial of service via repeated connects.

Vulnerability

libxpc in launchd on Apple OS X before 10.11 lacks restrictions on creating processes for network connections, specifically for the SSH port. This allows a remote attacker to trigger excessive resource consumption by repeatedly connecting to the SSH service, as described in the official CVE entry [1]. The affected versions are OS X prior to 10.11 (El Capitan).

Exploitation

An attacker in a network position capable of reaching the affected host's SSH port (default 22) can repeatedly establish connections. The condition requires no authentication; the attacker simply initiates frequent TCP connections to the SSH port. The issue lies in how libxpc handles the creation of helper processes for each connection, leading to resource exhaustion without proper limits.

Impact

A successful attack causes a denial of service (resource consumption) on the target system. The exact resource (CPU, memory, process slots) is not specified in the description [1], but the outcome prevents legitimate users from accessing services or causes system instability. No privilege escalation or data disclosure is indicated.

Mitigation

Apple addressed the vulnerability in OS X 10.11 (El Capitan), released on September 30, 2015, as documented in the security content reference [1]. Users should upgrade to OS X 10.11 or later. No workaround is provided in the available references; systems unable to upgrade should restrict network access to the SSH port or use firewall rules to limit connection rates. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities catalog.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
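
The mitigation above suggests limiting connection rates to the SSH port. As an added example (not part of the advisory or of any Apple tooling), the following detector flags sources that open connections to port 22 faster than a threshold. The record format `timestamp source_ip dest_port`, the function names and the thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def constructed_sample():
    """Constructed records in a hypothetical 'timestamp src_ip dst_port' format."""
    base = datetime(2015, 10, 1, 12, 0, 0)
    stamp = lambda secs: (base + timedelta(seconds=secs)).isoformat()
    lines = [f"{stamp(i)} 198.51.100.7 22" for i in range(8)]         # burst: 1 per second
    lines += [f"{stamp(60 * i)} 203.0.113.20 22" for i in range(8)]   # normal: 1 per minute
    lines += [f"{stamp(i)} 203.0.113.99 443" for i in range(8)]       # different port
    lines.append("garbage line")                                      # malformed record
    return sorted(lines)  # ISO timestamps sort chronologically


def find_floods(lines, port=22, limit=5, window=timedelta(seconds=10)):
    """Return {source_ip: time it first exceeded `limit` connections to `port`
    within a sliding `window`}. Input must be in chronological order."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    flagged = {}
    for line in lines:
        try:
            ts_text, src, port_text = line.split()
            ts, dport = datetime.fromisoformat(ts_text), int(port_text)
        except ValueError:
            continue              # skip malformed records instead of aborting
        if dport != port:
            continue
        seen = recent[src]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()        # drop connections that aged out of the window
        if len(seen) > limit and src not in flagged:
            flagged[src] = ts
    return flagged


if __name__ == "__main__":
    for src, when in find_floods(constructed_sample()).items():
        print(f"{src} exceeded the SSH connection rate at {when.isoformat()}")
```

The threshold and window should be tuned against the normal connection rate of the host being monitored, since automation that reconnects often can look like the burst source here.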
