CVSS: 5.1EPSS: 10%CPEs: 2EXPL: 3CVE-2004-0430 – AppleFileServer (OSX) - LoginExt PathName Overflow
https://notcve.org/view.php?id=CVE-2004-0430
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. Desbordamiento de búfer basado en la pila en AppleFileServer de MAC OS X 10.3.3 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante un paquete LoginExt para un método de autenticación de usuario (User Authentication Method - UAM) con contraseña en texto plano con un arguemento PathName que incluye un cadena de tipo de AFPName más larga que el campo de longitud asociado. • https://www.exploit-db.com/exploits/16863 https://www.exploit-db.com/exploits/9931 https://www.exploit-db.com/exploits/391 http://lists.apple.com/mhonarc/security-announce/msg00049.html http://secunia.com/advisories/11539 http://securitytracker.com/id?1010039 http://www.atstake.com/research/advisories/2004/a050304-1.txt http://www.kb.cert.org/vuls/id/648406 http://www.securiteam.com/securitynews/5QP0115CUO.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16049 •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2004-0428
https://notcve.org/view.php?id=CVE-2004-0428
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. • http://lists.virus.org/macsec-0405/msg00000.html http://secunia.com/advisories/11539 http://securitytracker.com/id?1010045 http://www.auscert.org.au/render.html?it=4070 http://www.securityfocus.com/bid/10270 https://exchange.xforce.ibmcloud.com/vulnerabilities/16051 •
CVSS: 7.2EPSS: 0%CPEs: 36EXPL: 3CVE-2003-1006 – Apple Mac OSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-1006
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. Desbordamiento de búfer en cd9660.util de Apple Mac OS X 10.0 a 10.3.2 y Apple Mac OS X Server 10.0 a 10.3.2 puede permitir a usuarios locales ejecutar código arbitrario mediante un parámetro de línea de comandos largo. • https://www.exploit-db.com/exploits/23442 http://docs.info.apple.com/article.html?artnum=61798 http://www.kb.cert.org/vuls/id/878526 http://www.securityfocus.com/archive/1/347578 http://www.securityfocus.com/archive/1/347707 http://www.securityfocus.com/archive/1/348097 http://www.securityfocus.com/bid/9228 https://exchange.xforce.ibmcloud.com/vulnerabilities/13995 •
CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0CVE-2003-1011
https://notcve.org/view.php?id=CVE-2003-1011
Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. Apple Mac OS X 10.0 a 10.2.8 permite a usuarios locales con un teclado USB ganar acceso no autorizado pulsando las tecla CTRL y C cuando el sistema está arrancando, lo que hace que se caiga el proceso init y deja al usuario con un intérprete de comandos de root. • http://docs.info.apple.com/article.html?artnum=61798 http://www.securityfocus.com/archive/1/343087 http://www.securityfocus.com/bid/8945 https://exchange.xforce.ibmcloud.com/vulnerabilities/13573 •
CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 1CVE-2003-1009
https://notcve.org/view.php?id=CVE-2003-1009
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. Los servicios de directorio en Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 y Apple Mac OS X Server 10.2 a 10.3.2 aceptan información de servidor de autenticación de fuentes LDAP o NetInfo proporcionadas por un servidor DHCP malicioso, lo que permite a atacantes remotos ganar privilegios. • http://docs.info.apple.com/article.html?artnum=32478 http://docs.info.apple.com/article.html?artnum=61798 http://www.carrel.org/dhcp-vuln.html http://www.securityfocus.com/bid/9110 https://exchange.xforce.ibmcloud.com/vulnerabilities/13874 •