CVE-2007-0753 – Apple Mac OSX 10.4.9 - VPND Local Format String
https://notcve.org/view.php?id=CVE-2007-0753
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. Una vulnerabilidad de cadena de formato en el demonio VPN (vpnd) en Apple Mac OS X versiones 10.3.9 y 10.4.9 permite a los usuarios locales ejecutar código arbitrario por medio del parámetro -i. • https://www.exploit-db.com/exploits/30096 https://www.exploit-db.com/exploits/4013 http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35143 http://www.securityfocus.com/archive/1/469882/100/0/threaded http://www.securityfocus.com/archive/1/469889/100/0/threaded http://www.securityfocus.com/bid/24144 http://www.securityfocus.com/bid/2420 • CWE-134: Use of Externally-Controlled Format String •
CVE-2007-0752 – Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-0752
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. El demonio PPP (pppd) en el Apple Mac OS X 10.4.8 comprueba la propiedad del descriptor del fichero stdin para determinar si el solicitante tiene suficientes privilegios, lo que permite a usuarios locales cargar extensiones de su elección y obtener privilegios de administrador evitando estas comprobaciones. • https://www.exploit-db.com/exploits/3985 http://docs.info.apple.com/article.html?artnum=305530 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35144 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018124 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities •
CVE-2007-0751
https://notcve.org/view.php?id=CVE-2007-0751
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. Una secuencia de comandos de limpieza en el crontab del Apple Mac OS X 10.3.9 y 10.4.9 puede borrar ficheros de sistemas que han sido montado en /tmp, lo que permite a usuarios locales provocar una denegación de servicio, relacionada con el comando find. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35145 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018117 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities/34500 •
CVE-2007-0748
https://notcve.org/view.php?id=CVE-2007-0748
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. Desbordamiento de búfer basado en montículo en Apple Darwin Streaming Proxy, cuando utiliza Darwin Streaming Server versiones anteriores a 5.5.5, permite a atacantes remotos ejecutar código de su elección mediante múltiples valores trackID en una petición SETUP RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35975 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34225 •
CVE-2007-0749
https://notcve.org/view.php?id=CVE-2007-0749
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. Múltiples desbordamientos de búfer basado en pila en la función is_command en proxy.c en Apple Darwin Streaming Proxy, cuando se utiliza en Darwin Streaming Server anterior a 5.5.5, permite a atacantes remotos ejecutar código de su elección a través de un valor (1)cmd largo o (2)server en una respuesta RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35976 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34222 •