CVE-2007-0751
https://notcve.org/view.php?id=CVE-2007-0751
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. Una secuencia de comandos de limpieza en el crontab del Apple Mac OS X 10.3.9 y 10.4.9 puede borrar ficheros de sistemas que han sido montado en /tmp, lo que permite a usuarios locales provocar una denegación de servicio, relacionada con el comando find. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35145 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018117 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities/34500 •
CVE-2007-0748
https://notcve.org/view.php?id=CVE-2007-0748
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. Desbordamiento de búfer basado en montículo en Apple Darwin Streaming Proxy, cuando utiliza Darwin Streaming Server versiones anteriores a 5.5.5, permite a atacantes remotos ejecutar código de su elección mediante múltiples valores trackID en una petición SETUP RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35975 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34225 •
CVE-2007-0749
https://notcve.org/view.php?id=CVE-2007-0749
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. Múltiples desbordamientos de búfer basado en pila en la función is_command en proxy.c en Apple Darwin Streaming Proxy, cuando se utiliza en Darwin Streaming Server anterior a 5.5.5, permite a atacantes remotos ejecutar código de su elección a través de un valor (1)cmd largo o (2)server en una respuesta RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35976 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34222 •
CVE-2007-0745
https://notcve.org/view.php?id=CVE-2007-0745
The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories. El Apple Security Update 2007-004 utiliza un archivo de configuración incorrecta para TPServer en Apple Mac OS X Server 10.4.9, lo cual podría permitir a usuario validados acceder a directorios adicionales. • http://lists.apple.com/archives/security-announce/2007/May/msg00000.html http://www.osvdb.org/34869 http://www.securitytracker.com/id?1017990 https://exchange.xforce.ibmcloud.com/vulnerabilities/34001 •
CVE-2007-0747
https://notcve.org/view.php?id=CVE-2007-0747
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. load_webdav en Apple Mac OS X 10.3.9 hasta la 10.4.9 no limpia de forma adecuada el marco cuando esta montado el sitema de archivos WebDAV, lo cual permite a usuarios locales ganar privilegios a través de la configuración de variables de entorno no especificadas. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.kb.cert.org/vuls/id/474969 http://www.osvdb.org/34871 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •