CVE-2005-2748
https://notcve.org/view.php?id=CVE-2005-2748
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. • http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html http://secunia.com/advisories/16920 http://www.auscert.org.au/5509 http://www.ciac.org/ciac/bulletins/p-312.shtml http://www.suresec.org/advisories/adv7.pdf •
CVE-2005-2510
https://notcve.org/view.php?id=CVE-2005-2510
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator. • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://securitytracker.com/id?1014708 •
CVE-2005-2508 – Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion
https://notcve.org/view.php?id=CVE-2005-2508
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts. • https://www.exploit-db.com/exploits/26185 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html •
CVE-2005-2511
https://notcve.org/view.php?id=CVE-2005-2511
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html •
CVE-2005-2501
https://notcve.org/view.php?id=CVE-2005-2501
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file. • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://securitytracker.com/id?1014695 http://www.kb.cert.org/vuls/id/435188 http://www.us-cert.gov/cas/techalerts/TA05-229A.html •