CVE-2004-0744
https://notcve.org/view.php?id=CVE-2004-0744
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. El componente de red TCP/IP de Mac OS X anteriores a 10.3.5 permite a atacantes remotos causar una denegación de servicio (consumición de recursos) mediante un "Ataque de Rosa" en el que se usan ciertos fragmentos IP. • http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt http://marc.info/?l=bugtraq&m=108075899619193&w=2 http://marc.info/?l=bugtraq&m=108308604119618&w=2 http://www.auscert.org.au/render.html?it=4291 https://exchange.xforce.ibmcloud.com/vulnerabilities/16946 •
CVE-2004-0538
https://notcve.org/view.php?id=CVE-2004-0538
LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. LaunchServices en Mac OS X 10.3.4 y 10.2.8 registra automáticamente y ejecuta aplicaciones nuevas, lo que podría permitir a atacantes ejecutar código arbitrario sin avisar al usuario. • http://docs.info.apple.com/article.html?artnum=25785 •
CVE-2004-0539
https://notcve.org/view.php?id=CVE-2004-0539
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code. El botón "Show in Finder" en el navegador web Safari de Mac OS X 10.3.4 y 10.2.8 puede ejecutar aplicaciones descargadas, lo que pódría permitir a atacantes remotos ejecutar código arbitrario. • http://docs.info.apple.com/article.html?artnum=25785 http://www.kb.cert.org/vuls/id/773190 •
CVE-2004-0517
https://notcve.org/view.php?id=CVE-2004-0517
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. Vulnerabilidad desconocida en Mac OS X 10.3.4, relacionada con "manejo de IDs de procesos durante instalación de paquetes", una vulnerabilidad distinta de CAN-2004-0516. • http://lists.seifried.org/pipermail/security/2004-May/003743.html http://securitytracker.com/id?1010331 http://www.securityfocus.com/bid/10432 https://exchange.xforce.ibmcloud.com/vulnerabilities/16290 •
CVE-2004-0514
https://notcve.org/view.php?id=CVE-2004-0514
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." Vulnerabilidad desconocida en LoginWindow de Mac OS X 10.3.4, relacionada con "manejo de consultas de servicios de directorio" • http://lists.seifried.org/pipermail/security/2004-May/003743.html http://securitytracker.com/id?1010330 http://www.kb.cert.org/vuls/id/174790 http://www.securityfocus.com/bid/10432 https://exchange.xforce.ibmcloud.com/vulnerabilities/16289 •