CVE-2003-0171

🗓️ 15 Apr 2003 04:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 58 Views

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, allowing local users to execute arbitrary commands

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2003-0171	15 Apr 200304:00	–	cvelist
EUVD	EUVD-2003-0167	7 Oct 202500:30	–	euvd
NVD	CVE-2003-0171	5 May 200304:00	–	nvd
securityvulns	MacOS X DirectoryService Privilege Escalation (a041003-1)	12 Apr 200300:00	–	securityvulns

NVD

Node

apple mac_os_xMatch10.0

OR

apple mac_os_xMatch10.0.1

OR

apple mac_os_xMatch10.0.2

OR

apple mac_os_xMatch10.0.3

OR

apple mac_os_xMatch10.0.4

OR

apple mac_os_xMatch10.1

OR

apple mac_os_xMatch10.1.1

OR

apple mac_os_xMatch10.1.2

OR

apple mac_os_xMatch10.1.3

OR

apple mac_os_xMatch10.1.4

OR

apple mac_os_xMatch10.1.5

OR

apple mac_os_xMatch10.2

OR

apple mac_os_xMatch10.2.1

OR

apple mac_os_xMatch10.2.2

OR

apple mac_os_xMatch10.2.3

OR

apple mac_os_xMatch10.2.4

OR

apple mac_os_x_serverMatch10.0

OR

apple mac_os_x_serverMatch10.2

OR

apple mac_os_x_serverMatch10.2.1

OR

apple mac_os_x_serverMatch10.2.2

OR

apple mac_os_x_serverMatch10.2.3

OR

apple mac_os_x_serverMatch10.2.4

Source	Link
atstake	www.atstake.com/research/advisories/2003/a041003-1.txt
lists	www.lists.apple.com/mhonarc/security-announce/msg00028.html

16 Apr 2026 00:27Current

7.2High risk

Vulners AI Score7.2

CVSS 27.2

EPSS0.00132

cve-2003-0171 directoryservices macos x path environment variable touch command security vulnerability