CVSS: 7.5EPSS: 6%CPEs: 6EXPL: 1CVE-2002-0676 – Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation
https://notcve.org/view.php?id=CVE-2002-0676
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. • https://www.exploit-db.com/exploits/21596 http://www.cunap.com/~hardingr/projects/osx/exploit.html http://www.iss.net/security_center/static/9502.php http://www.osvdb.org/5137 http://www.securityfocus.com/bid/5176 •
CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 0CVE-2001-1565
https://notcve.org/view.php?id=CVE-2001-1565
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command. • http://www.iss.net/security_center/static/7750.php http://www.macsecurity.org/pipermail/macsec/2001-December/000299.html http://www.securityfocus.com/bid/3753 •
CVSS: 3.6EPSS: 0%CPEs: 6EXPL: 0CVE-2001-0806
https://notcve.org/view.php?id=CVE-2001-0806
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. • http://marc.info/?l=bugtraq&m=99358249631139&w=2 http://marc.info/?l=bugtraq&m=99436289015729&w=2 http://online.securityfocus.com/archive/1/219166 http://www.osvdb.org/1882 http://www.securityfocus.com/bid/2930 https://exchange.xforce.ibmcloud.com/vulnerabilities/6750 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 4CVE-2001-1447
https://notcve.org/view.php?id=CVE-2001-1447
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0121.html http://archives.neohapsis.com/archives/bugtraq/2001-10/0130.html http://www.ciac.org/ciac/bulletins/m-007.shtml http://www.kb.cert.org/vuls/id/945747 http://www.securityfocus.com/bid/3439 https://exchange.xforce.ibmcloud.com/vulnerabilities/7303 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2001-0766 – Apache 1.3.14 - Mac File Protection Bypass
https://notcve.org/view.php?id=CVE-2001-0766
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. • https://www.exploit-db.com/exploits/20911 http://archives.neohapsis.com/archives/bugtraq/2001-06/0090.html http://www.securityfocus.com/bid/2852 • CWE-178: Improper Handling of Case Sensitivity •