CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2006-4387
https://notcve.org/view.php?id=CVE-2006-4387
02 Oct 2006 — Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this computer" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications. Apple Mac OS X 10.4 hasta la 10.4.7, cuando un administrador quita en la caja de selección "Permitir al usuario administrador su ordenador" en System Preferences para un usuario, no mueve la cuenta de usuario desde... • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2006-4397
https://notcve.org/view.php?id=CVE-2006-4397
02 Oct 2006 — Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets. Condición de error no comprobada en LoginWindow en Apple Mac OSX 10.4 hasta 10.4.7 evita que las credenciales Kerberos sean destruidas si un usuario no accede con éxito a una cuenta de red desde la ventana de inicio d... • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2006-4390
https://notcve.org/view.php?id=CVE-2006-4390
02 Oct 2006 — CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted. CFNetwork en Apple Mac OS X 10.4 hasta la 10.4.7 y 10.3.9, permite a un sitio SSL remoto aparacer como un sitio verdadero a través del uso de codificación sin validación, lo cual puede provocar que el icono de cerradura en Safari se muestre siempre y cu... • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2006-4392 – Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)
https://notcve.org/view.php?id=CVE-2006-4392
02 Oct 2006 — The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function. El núcleo Mach, usado en sistemas operativos que incluyen (1) Mac OS X 10.4 hata 10.4.7 y (2) OpenStep anterior a 4.2, permite a usua... • https://www.exploit-db.com/exploits/2464 •
CVSS: 9.3EPSS: 86%CPEs: 6EXPL: 4CVE-2006-5051 – unsafe GSSAPI signal handler
https://notcve.org/view.php?id=CVE-2006-5051
27 Sep 2006 — Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. Condición de carrera en el manejador de señal OpenSSH en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario si la autenticación GSSAPI está habilitada, a través de vectores no especif... • https://github.com/bigb0x/CVE-2024-6387 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3508
https://notcve.org/view.php?id=CVE-2006-3508
21 Sep 2006 — Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates. Desbordamiento de búfer basado en montón en el controlador wireless AirPort en Apple Mac OS X 10.4.7 permite a atacantes físicamente próximos provocar una denegación de servicio (caída), obteniendo privilegios, y ejecutando código de... • http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 1CVE-2006-3507 – Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3507
21 Sep 2006 — Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. Múltiples desbordamientos de búfer basados en pila en el controlador wireless AirPort en Apple Mac OS X 10.3.9 y 10.4.7 permiten a atacantes físicamente próximos ejecutar código de su elección inyectando tramas artesanales dentro de la red wireless. • https://www.exploit-db.com/exploits/28643 •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3509
https://notcve.org/view.php?id=CVE-2006-3509
21 Sep 2006 — Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames. Desbordamiento de enteros en la API para el controlador de AirPort Wireless sobre Apple Mac OS X 10.4.7 que permitirían a un atacante cercano fisicamente provocar denegación de serivicio(caida) o ejecutar código de su elección con un software de terc... • http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2006-4887
https://notcve.org/view.php?id=CVE-2006-4887
19 Sep 2006 — Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it. Apple Remote Desktop (ARD) para Mac OS X 10.2.8 y posteriores no quita privilegios en la máquina remota al instalar ciertas apli... • http://www.osvdb.org/32260 •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 1CVE-2006-4866 – Apple Mac OSX 10.x - KExtLoad Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4866
19 Sep 2006 — Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. Desbordamiento de buffer en kextload en Apple OS X, como ha sido usado por TDIXSupport en Roxio Toast Titanium y posiblemente otros productos, permite a usuarios locales ejecutar código de su elección vía un argumento con extensión larga. • https://www.exploit-db.com/exploits/28578 •