CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0378
https://notcve.org/view.php?id=CVE-2003-0378
06 Jun 2003 — The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. El sistema de autentificación de login de Kerberos sobre Mac OS X, cuando se usua con un servidor LDAPv3 y autentificación LDAP, puede enviar passwords en texto plano al servidor LDAP si no está fijado el atributo AuthenticationAuthority • http://docs.info.apple.com/article.html?artnum=107579 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2003-0242
https://notcve.org/view.php?id=CVE-2003-0242
17 May 2003 — IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. IPSec en Mac OS X anterior a la 10.2.6 no maneja correctamente ciertas políticas de seguridad asignadas por puerto, lo que permitiría tráfico que no está explícitamente permitido por esas políticas. • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 8.1EPSS: 0%CPEs: 21EXPL: 0CVE-2003-0198
https://notcve.org/view.php?id=CVE-2003-0198
15 Apr 2003 — Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. Mac OS X anteriores a 10.2.5 permite a usuarios invitados modificar los permisos de la carpeta DropBox y leer ficheros no autorizados. • http://lists.apple.com/mhonarc/security-announce/msg00028.html •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 1CVE-2003-0171 – Apple Mac OSX 10.2.4 - DirectoryService 'PATH' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0171
15 Apr 2003 — DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. DirectoryServices en MacOS X se fia de la variable de entorno PATH para localizar y ejecutar el comando touch, lo que permite a usurarios locales ejecutar comandos arbitrarios modificando PATH para que apunte a un directorio que contenga un programa 'touch' malicios... • https://www.exploit-db.com/exploits/15 •
CVSS: 10.0EPSS: 96%CPEs: 81EXPL: 14CVE-2003-0201 – Samba 2.2.8 (BSD x86) - 'trans2open' Remote Overflow
https://notcve.org/view.php?id=CVE-2003-0201
15 Apr 2003 — Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Desbordamiento de búfer en la función call_trans2open en trans2.c de Samba 2.2.x anteriores a 2.2.8a, 2.0.10 y versiones anteriores 2.0.x, y Samba-TNG anteriores a de 0.3.2, permite a atacantes remotos ejecutar código arbitrario. • https://www.exploit-db.com/exploits/16880 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2003-0088
https://notcve.org/view.php?id=CVE-2003-0088
03 Mar 2003 — TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. TruBlueEnvironment para MacOS 10.2.3 y anteriores permite a usuarios locales sobreescribir o crear ficheros arbitrarios y ganar privilegios de root estableciendo cierta variable de entorno que es usada para establecer información de depuración. • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2003-0049
https://notcve.org/view.php?id=CVE-2003-0049
26 Feb 2003 — Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. AFP en Mac OS X anterior a 10.2.4 permite a administradores iniciar sesión como otros usuarios usando la contraseña de administrador. • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2002-2326
https://notcve.org/view.php?id=CVE-2002-2326
31 Dec 2002 — The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic. • http://archives.neohapsis.com/archives/bugtraq/2002-07/0276.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 2CVE-2002-1898 – Apple Mac OSX 10.2 - Terminal.APP Telnet Link Command Execution
https://notcve.org/view.php?id=CVE-2002-1898
31 Dec 2002 — Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window. • https://www.exploit-db.com/exploits/21815 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 14%CPEs: 15EXPL: 1CVE-2002-1369
https://notcve.org/view.php?id=CVE-2002-1369
26 Dec 2002 — jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. jobs.c en Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no utiliza adecuadamente la llamada a la función strncat cuando procesa la opción string, lo que permite a atacantes remotos la ejecución arbitraria de código mediante un ataque de desbordamiento de búfer. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html •