CVE-2007-5863 – Apple Mac OSX Software Update - Command Execution
https://notcve.org/view.php?id=CVE-2007-5863
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option. Software Update en Apple Mac OS X 10.5.1 permite a atacantes remotos ejecutar comandos mediante un ataque de hombre-en-medio (man-in-the-middle o MITM) entre el cliente y el servidor, usando un archivo de definición de distribución modificado con la opción "allow-external-scripts". • https://www.exploit-db.com/exploits/16867 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/archive/1/485237/100/0/threaded http://www.securityfocus.com/bid/26908 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud • CWE-310: Cryptographic Issues •
CVE-2007-6359 – Apple Mac OSX xnu 1228.0 - 'super_blob' Local kernel Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2007-6359
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. La función cs_validate_page en bsd/kern/ubc_subr.c en el kenerl xnu 1228.0 y anteriores en Apple Mac OS X 10.5.1 permite a usuarios locales provocar denegación de servicio (afirmación fallida y caida del sistema) a través de una firma manipulada binaria Mach-O quie provocar que la función de hash devuelva NULL. • https://www.exploit-db.com/exploits/4723 http://digit-labs.org/files/exploits/xnu-superblob-dos.c http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/28048 http://secunia.com/advisories/30430 http://www.securityfocus.com/bid/26840 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2007/4216 http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com • CWE-189: Numeric Errors •
CVE-2007-6276 – Apple Mac OSX 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2007-6276
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. La función accept_connections en el demonio de red privada virtual (vpnd) en Apple Mac OS X versiones 10.5 anteriores a 10.5.4, permite a los atacantes remotos causar una denegación de servicio (error de división por cero y bloqueo del demonio) por medio de un paquete de balance de carga diseñado para UDP puerto 4112. • https://www.exploit-db.com/exploits/4690 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/27938 http://secunia.com/advisories/30802 http://support.apple.com/kb/HT2163 http://www.securityfocus.com/bid/26699 http://www.securitytracker.com/id?1019052 http://www.vupen.com/english/advisories/2007/4145 http://www.vupen.com/english/advisories/2008/1981/references https://exchange.xforce.ibmcloud.com/vulnerabilities/38855 • CWE-189: Numeric Errors •
CVE-2007-5971 – krb5: double free in gssapi lib
https://notcve.org/view.php?id=CVE-2007-5971
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Una vulnerabilidad de doble liberación en la función gss_krb5int_make_seal_token_v3 en la biblioteca lib/gssapi/krb5/k5sealv3.c en MIT Kerberos 5 (krb5), presenta un impacto desconocido y vectores de ataques. • http://bugs.gentoo.org/show_bug.cgi?id=199212 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://osvdb.org/43345 http://seclists.org/fulldisclosure/2007/Dec/0176.html http://seclists.org/fulldisclosure/2007/Dec/0321.html http://secunia.com/advisories/28636 http://secunia.com/advisories/29420 http://secunia.com/advisories/29450 http://secunia.com/advisories/29451 http://secunia.com/advisories • CWE-399: Resource Management Errors •
CVE-2007-5901 – krb5: use-after-free in gssapi lib
https://notcve.org/view.php?id=CVE-2007-5901
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Vulnerabilidad de uso después de liberación (use-after-free) en la función gss_indicate_mechs de lib/gssapi/mechglue/g_initialize.c en MIT Kerberos 5 (krb5) tiene impacto y vectores de ataque desconocidos. NOTA: esto podría ser resultado de una errata en el código fuente. • http://bugs.gentoo.org/show_bug.cgi?id=199214 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://osvdb.org/43346 http://seclists.org/fulldisclosure/2007/Dec/0176.html http://seclists.org/fulldisclosure/2007/Dec/0321.html http://secunia.com/advisories/29451 http://secunia.com/advisories/29464 http://secunia.com/advisories/29516 http://secunia.com/advisories/39290 http://security.gentoo.org • CWE-399: Resource Management Errors CWE-416: Use After Free •