CVE-2018-4406
Description
A denial of service issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A remote attacker can cause a denial of service by sending a crafted HTTP request to an AFP server on systems prior to macOS Mojave 10.14.
Vulnerability
CVE-2018-4406 is an input validation issue in the Apple Filing Protocol (AFP) server component of macOS. The bug affects systems prior to macOS Mojave 10.14, including macOS Sierra 10.12.6 and macOS High Sierra 10.13.6. An attacker can exploit this by sending a maliciously crafted HTTP request to an AFP server, which triggers the denial of service condition [1].
Exploitation
An attacker needs network access to the targeted AFP server. The attack does not require authentication—the attacker sends a specially crafted HTTP request to the server. The server's lack of proper input validation allows the request to cause the service to become unresponsive or crash [1].
Impact
Successful exploitation results in a denial of service (DoS) condition, making the AFP server unavailable to legitimate users. The impact is limited to service disruption; there is no indication of code execution or data compromise [1].
Mitigation
The vulnerability is fixed in macOS Mojave 10.14, released on September 24, 2018 [2]. Users running macOS Sierra 10.12.6 or High Sierra 10.13.6 should apply the Security Update 2018-002 High Sierra or Security Update 2018-005 Sierra, released on October 30, 2018 [1]. No workaround is documented; updating to the patched OS version or installing the appropriate security update is the recommended mitigation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <10.14
- Range: Versions prior to: macOS Mojave 10.14
Patches
No patches discovered yet.
References
- support.apple.com/kb/HT209139 (mitre, x_refsource_MISC)
- support.apple.com/kb/HT209193 (mitre, x_refsource_MISC)