CVE-2007-0726
https://notcve.org/view.php?id=CVE-2007-0726
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys. El proceso de generación de clave SSH en OpenSSH de Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos provocar una denegación de servicio conectándose al servidor antes de que SSH haya finalizado la creación de claves, lo cual provoca que las claves sean regeneradas y pueden romper relaciones de confianza basadas en las claves originales. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.osvdb.org/34850 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017756 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/32975 •
CVE-2007-0731
https://notcve.org/view.php?id=CVE-2007-0731
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. Desbordamiento de búfer basado en pila en el módulo de Samba específico de Apple (SMB File Server) en Apple Mac OS X 10.4 hasta 10.4.8 permite a atacantes dependientes del contexto ejecutar código de su elección mediante una lista de control de acceso (ACL) larga. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.osvdb.org/34852 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017754 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/32979 •
CVE-2007-0722
https://notcve.org/view.php?id=CVE-2007-0722
Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image. Desbordamiento de entero en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una imagen de disco AppleSingleEncoding artesanal. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/124280 http://www.osvdb.org/34847 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 •
CVE-2007-0719
https://notcve.org/view.php?id=CVE-2007-0719
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile. Desbordamiento de búfer basado en pila en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una imagen con un perfil ColorSync artesanal. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/449440 http://www.osvdb.org/34845 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 •
CVE-2007-1071 – Apple Mac OSX 10.4.8 - ImageIO GIF Image Integer Overflow
https://notcve.org/view.php?id=CVE-2007-1071
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503. Desbordamiento de enteros en la función gifGetBandProc del ImageIO en Apple Mac OS X 10.4.8 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) y, posiblemente, ejecutar código de su elección mediante una imagen GIF manipulada que dispara el desbordamiento durante la descompresión. NOTA: es una vulnerabilidad diferente a la CVE-2006-3502 y a la CVE-2006-3503. • https://www.exploit-db.com/exploits/29620 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://security-protocols.com/sp-x39-advisory.php http://www.kb.cert.org/vuls/id/559444 http://www.osvdb.org/34854 http://www.securityfocus.com/bid/22630 http://www.securitytracker.com/id?1017758 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www& •