CVSS: 9.0EPSS: 57%CPEs: 45EXPL: 2CVE-2006-6652 – NetBSD - 'FTPd / Tnftpd' Remote Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-6652
20 Dec 2006 — Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. Desbordamiento de búfer en la conjunto de la implementación de libc in NetBSD-current versiones anteriores a 20050914, NetBSD 2.* y 3.* versiones anteriores a 20061203, y Apple Mac OSX anterior... • https://www.exploit-db.com/exploits/2874 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2006-6353
https://notcve.org/view.php?id=CVE-2006-6353
07 Dec 2006 — Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer". Múltiples vulnerabilidades no especificadas en BOMArchiveHelper de Mac OS X permiten a atacantes remotos con la intervención del usuario provocar una denegación de s... • http://security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2006-6292
https://notcve.org/view.php?id=CVE-2006-6292
05 Dec 2006 — Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames. Apple Airport Extreme firmware 0.1.27 en Mac OS X 10.4.8 permite a atacantes remotos provocar una denegación de servicio (acceso a memoria fuera de rango, y fallo irrecuperable del sistema o kernel panic) y también otro... • http://docs.info.apple.com/article.html?artnum=305031 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2006-4411
https://notcve.org/view.php?id=CVE-2006-4411
30 Nov 2006 — The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors. El servicio VPN de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4.x hasta 10.4.8 no limpia adecuadamente el entorno cuando ejecuta comandos, lo cual permite a usuarios locales ganar privilegios mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 8.8EPSS: 16%CPEs: 19EXPL: 0CVE-2006-4412
https://notcve.org/view.php?id=CVE-2006-4412
30 Nov 2006 — WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects. WebKit de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos ejecutar código de su elección mediante un archivo HTML manipulado, que accede a objetos previamente liberados (deallocated). • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2006-4408
https://notcve.org/view.php?id=CVE-2006-4408
30 Nov 2006 — The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-2940. El Security Framework de Apple Mac OS X 10.4 hasta 10.4.8 permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos) mediante determinados valores de clave pública en un certifica... • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2006-4401
https://notcve.org/view.php?id=CVE-2006-4401
30 Nov 2006 — Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. Vulnerabilidad no especificada en CFNetwork en Mac OS 10.4.8 y versiones anteriores permite a atacantes remotos con la intervención del usuario ejecutar comandos FTP de su elección mediante una URI FTP manipulada. • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 7.8EPSS: 11%CPEs: 1EXPL: 0CVE-2006-4402
https://notcve.org/view.php?id=CVE-2006-4402
30 Nov 2006 — Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files. Desbordamiento de búfer basados en pila en el Finder del Apple Mac OS X 10.4.8 y versiones anteriores, permite a atacantes con la intervención del usuario ejecutar código de su elección mirando los directorios que contienen ficheros .DS_Store manipulados. • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2006-4407
https://notcve.org/view.php?id=CVE-2006-4407
30 Nov 2006 — The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. El subsistema de seguridad de Apple Mac OS X 10.3.x hasta 10.3.9 no prioriza adecuadamente el cifrado de encriptación cuando negocia cifrado compartido fuerte, lo cual provoca Transporte Seguro al usuario, un cifrado más débil que facilita a... • http://docs.info.apple.com/article.html?artnum=304829 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2006-6173 – Apple Mac OSX 10.4.x - 'Shared_Region_Make_Private_Np' Kernel Function Local Memory Corruption
https://notcve.org/view.php?id=CVE-2006-6173
30 Nov 2006 — Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter. Desbordamiento de búfer en la función shared_region_make_private_np de vm/vm_unix.c de Mac OS X 10.4.6 y versiones anteriores permite a usuarios locales ejecutar código de su elección mediante (1) un... • https://www.exploit-db.com/exploits/29201 •