CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0378
https://notcve.org/view.php?id=CVE-2003-0378
The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. El sistema de autentificación de login de Kerberos sobre Mac OS X, cuando se usua con un servidor LDAPv3 y autentificación LDAP, puede enviar passwords en texto plano al servidor LDAP si no está fijado el atributo AuthenticationAuthority • http://docs.info.apple.com/article.html?artnum=107579 http://www.kb.cert.org/vuls/id/467828 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0242
https://notcve.org/view.php?id=CVE-2003-0242
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. IPSec en Mac OS X anterior a la 10.2.6 no maneja correctamente ciertas políticas de seguridad asignadas por puerto, lo que permitiría tráfico que no está explícitamente permitido por esas políticas. • http://docs.info.apple.com/article.html?artnum=61798 http://secunia.com/advisories/8798 http://securitytracker.com/id?1006796 http://www.kb.cert.org/vuls/id/869548 http://www.securityfocus.com/bid/7628 https://exchange.xforce.ibmcloud.com/vulnerabilities/12027 •
CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 1CVE-2003-0171 – Apple Mac OSX 10.2.4 - DirectoryService 'PATH' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0171
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. DirectoryServices en MacOS X se fia de la variable de entorno PATH para localizar y ejecutar el comando touch, lo que permite a usurarios locales ejecutar comandos arbitrarios modificando PATH para que apunte a un directorio que contenga un programa 'touch' malicioso. • https://www.exploit-db.com/exploits/15 http://lists.apple.com/mhonarc/security-announce/msg00028.html http://www.atstake.com/research/advisories/2003/a041003-1.txt •
CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2003-0198
https://notcve.org/view.php?id=CVE-2003-0198
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. Mac OS X anteriores a 10.2.5 permite a usuarios invitados modificar los permisos de la carpeta DropBox y leer ficheros no autorizados. • http://lists.apple.com/mhonarc/security-announce/msg00028.html •
CVSS: 10.0EPSS: 97%CPEs: 81EXPL: 14CVE-2003-0201 – Samba 2.2.8 (BSD x86) - 'trans2open' Remote Overflow
https://notcve.org/view.php?id=CVE-2003-0201
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Desbordamiento de búfer en la función call_trans2open en trans2.c de Samba 2.2.x anteriores a 2.2.8a, 2.0.10 y versiones anteriores 2.0.x, y Samba-TNG anteriores a de 0.3.2, permite a atacantes remotos ejecutar código arbitrario. • https://www.exploit-db.com/exploits/16880 https://www.exploit-db.com/exploits/55 https://www.exploit-db.com/exploits/7 https://www.exploit-db.com/exploits/16861 https://www.exploit-db.com/exploits/10 https://www.exploit-db.com/exploits/16876 https://www.exploit-db.com/exploits/9924 https://www.exploit-db.com/exploits/16330 https://www.exploit-db.com/exploits/22469 https://www.exploit-db.com/exploits/22471 https://www.exploit-db.com/exploits/22470 https: •