CVSS: 5.0EPSS: 4%CPEs: 20EXPL: 0CVE-2007-0726
https://notcve.org/view.php?id=CVE-2007-0726
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys. El proceso de generación de clave SSH en OpenSSH de Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos provocar una denegación de servicio conectándose al servidor antes de que SSH haya finalizado la creación de claves, lo cual provoca que las claves sean regeneradas y pueden romper relaciones de confianza basadas en las claves originales. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.osvdb.org/34850 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017756 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/32975 •
CVSS: 9.3EPSS: 1%CPEs: 18EXPL: 0CVE-2007-0731
https://notcve.org/view.php?id=CVE-2007-0731
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. Desbordamiento de búfer basado en pila en el módulo de Samba específico de Apple (SMB File Server) en Apple Mac OS X 10.4 hasta 10.4.8 permite a atacantes dependientes del contexto ejecutar código de su elección mediante una lista de control de acceso (ACL) larga. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.osvdb.org/34852 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017754 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/32979 •
CVSS: 6.8EPSS: 5%CPEs: 20EXPL: 0CVE-2007-0722
https://notcve.org/view.php?id=CVE-2007-0722
Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image. Desbordamiento de entero en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una imagen de disco AppleSingleEncoding artesanal. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/124280 http://www.osvdb.org/34847 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 •
CVSS: 6.8EPSS: 2%CPEs: 20EXPL: 0CVE-2007-0719
https://notcve.org/view.php?id=CVE-2007-0719
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile. Desbordamiento de búfer basado en pila en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una imagen con un perfil ColorSync artesanal. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/449440 http://www.osvdb.org/34845 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0CVE-2007-0720
https://notcve.org/view.php?id=CVE-2007-0720
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. El servicio CUPS en múltiples plataformas permite que los atacantes remotos causen una denegación de servicio (suspensión de servicio) por medio de una conexión SSL "partially-negotiated", lo que impide que otras peticiones sean aceptadas. • http://docs.info.apple.com/article.html?artnum=305214 http://fedoranews.org/cms/node/2785 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://secunia.com/advisories/24517 http://secunia.com/advisories/24530 http://secunia.com/advisories/24660 http://secunia.com/advisories/24878 http://secunia.com/advisories/24895 http://secunia.com/advisories/25119 http://secunia.com/advisories/25497 http://secunia.com/advisori •