Page 27 of 220 results (0.005 seconds)

CVSS: 7.2EPSS: 0%CPEs: 40EXPL: 2

Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. Una vulnerabilidad de cadena de formato en el demonio VPN (vpnd) en Apple Mac OS X versiones 10.3.9 y 10.4.9 permite a los usuarios locales ejecutar código arbitrario por medio del parámetro -i. • https://www.exploit-db.com/exploits/30096 https://www.exploit-db.com/exploits/4013 http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35143 http://www.securityfocus.com/archive/1/469882/100/0/threaded http://www.securityfocus.com/archive/1/469889/100/0/threaded http://www.securityfocus.com/bid/24144 http://www.securityfocus.com/bid/2420 • CWE-134: Use of Externally-Controlled Format String •

CVSS: 2.1EPSS: 0%CPEs: 40EXPL: 0

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. Una secuencia de comandos de limpieza en el crontab del Apple Mac OS X 10.3.9 y 10.4.9 puede borrar ficheros de sistemas que han sido montado en /tmp, lo que permite a usuarios locales provocar una denegación de servicio, relacionada con el comando find. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35145 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018117 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities/34500 •

CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. Desbordamiento de búfer basado en montículo en Apple Darwin Streaming Proxy, cuando utiliza Darwin Streaming Server versiones anteriores a 5.5.5, permite a atacantes remotos ejecutar código de su elección mediante múltiples valores trackID en una petición SETUP RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35975 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34225 •

CVSS: 10.0EPSS: 4%CPEs: 8EXPL: 0

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. Múltiples desbordamientos de búfer basado en pila en la función is_command en proxy.c en Apple Darwin Streaming Proxy, cuando se utiliza en Darwin Streaming Server anterior a 5.5.5, permite a atacantes remotos ejecutar código de su elección a través de un valor (1)cmd largo o (2)server en una respuesta RTSP. • http://docs.info.apple.com/article.html?artnum=305495 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html http://osvdb.org/35976 http://secunia.com/advisories/25193 http://www.securityfocus.com/bid/23918 http://www.securitytracker.com/id?1018047 http://www.vupen.com/english/advisories/2007/1770 https://exchange.xforce.ibmcloud.com/vulnerabilities/34222 •

CVSS: 7.2EPSS: 0%CPEs: 68EXPL: 0

Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. El cliente Apple File Protocol (AFP) en Apple Mac OS X 10.3.9 hasta la 10.4.9 no limpia de forma adecuada el entorno antes de la ejecución de comandos, lo cual permite a usuarios locales ganar privilegios a través de la configuración de variables de entorno no especificadas. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.kb.cert.org/vuls/id/312424 http://www.osvdb.org/34858 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017944 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 • CWE-264: Permissions, Privileges, and Access Controls •