CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
90.5%
A buffer overflow in Apple Mac OS X Directory Service’s authentication process may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Apple Mac OS X Server Directory Service provides reading, writing, and authentication services within the Apple Open Directory Architecture. A buffer overflow exists in the authentication process used by Apple Directory Service. A buffer within an unspecified routine used by the authentication process can be overwritten via a specially crafted authentication request.
For more information, please refer to Apple Security Update 2005-007.
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the Apple Directory Service’s authentication process.
Apple a patch
Apple advises all users to apply Apple Security Update 2005-007, as it fixes this and other critical security flaws.
913820
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: August 17, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was reported in Apple Security Update 2005-007.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2005-2507 |
---|---|
Severity Metric: | 18.17 Date Public: |