CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2004-0168
https://notcve.org/view.php?id=CVE-2004-0168
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." Vulnerabilidad desconocida en CoreFoundation para Mac OS X 10.3.3, relacionada con "registro (logging) de notificaciones". • http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html http://secunia.com/advisories/10959 https://exchange.xforce.ibmcloud.com/vulnerabilities/15299 •
CVSS: 5.0EPSS: 3%CPEs: 36EXPL: 1CVE-2004-0165
https://notcve.org/view.php?id=CVE-2004-0165
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. Vulnerabilidad de cadena de formato en el demonio de Protocolo Punto-a-Punto (pppd) 2.4.0 de Mac OS X 10.3.2 y anteriores permite a atacantes remotos leer datos arbitrarios del proceso pppd, incluyendo credenciales de autenticación PAP o CHAP, para ganar privilegios. • http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html http://www.atstake.com/research/advisories/2004/a022304-1.txt http://www.kb.cert.org/vuls/id/841742 http://www.osvdb.org/6822 http://www.securityfocus.com/bid/9730 https://exchange.xforce.ibmcloud.com/vulnerabilities/15297 •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2003-1005
https://notcve.org/view.php?id=CVE-2003-1005
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. • http://lists.apple.com/archives/security-announce/2003/Dec/msg00001.html http://secunia.com/advisories/10474 http://www.auscert.org.au/render.html?it=3704 http://www.securityfocus.com/bid/9266 •
CVSS: 9.8EPSS: 13%CPEs: 3EXPL: 0CVE-2002-1347
https://notcve.org/view.php?id=CVE-2002-1347
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. Desbordamiento de búfer en la librería Cyrus SASL 2.1.9 y anteriores permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante entradas largas durante la canonización de nombre de usuario caractéres que necesitan ser escapados durante autenticación LDAP usando saslauth, o un error por uno en el escritor del log, que no asigna espacio para el carácter nulo que termina la cadena. • http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.html http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=103946297703402&w=2 http://www.debian.org/security/2002/dsa-215 http://www.redhat.com/support/errata/RHSA-2002-283.html http://www.securityfocus.com/advisories/4826 http://www.securityfocus.com/bid/6347 http://www.securityfocus.com/bid/6348 • CWE-131: Incorrect Calculation of Buffer Size •