44 matches found
Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003
The remote host is missing Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003. One or more of the following components are affected: AFP Server Apache AppKit Apple Pixlet Video ATS CFNetwork CoreFoundation CoreGraphics CoreTypes CUPS Flash Player Plug-in Help Viewer iCal International...
Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003
The remote host is missing Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Apple Mac OS X多个命令执行及拒绝服务漏洞
Apple Mac OS X是苹果家族机器所使用的操作系统。 Apple Mac OS X的多个组件存在漏洞,攻击者可能利用这些漏洞导致执行命令或拒绝服务。 1. CFNetwork的客户端(比如Safari)允许建立匿名的SSL连接,远程非认证的SSL站可以利用这个漏洞使之看起来是认证过的。 2. Flash播放器存在漏洞,远程攻击者可能利用此漏洞执行任意命令。 3. ImageIO在处理畸形的JPEG2000图像时存在缓冲区溢出漏洞,攻击者可能利用此漏洞执行任意指令。 4. Kernel Mach中存在漏洞可以使恶意用户以高权限执行任意命令。 5...
CVE-2006-4393
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users...
CVE-2006-4397
Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets...
CVE-2006-4394
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIds to bypass service access controls and log into the system using loginwindow via unknown vectors...
CVE-2006-4394
Apple Mac OS X 10.4.x before 10.4.8 is affected by CVE-2006-4394 due to a logic error in LoginWindow. This allows network accounts without GUIDs to bypass service access controls and log in to the system via LoginWindow through unknown vectors. Impact is bypass of LoginWindow access controls for ...
CVE-2006-4393
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users...
CVE-2006-4397
CVE-2006-4397 affects Apple Mac OS X 10.4–10.4.7, where an unchecked error in the LoginWindow can prevent destruction of Kerberos tickets if logon to a network account fails at the login window. This may allow a subsequent user to access the original user’s Kerberos tickets. The provided document...
[SA22187] Mac OS X Security Update Fixes Multiple Vulnerabilities
TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA22187 VERIFY ADVISORY: http://secunia.com/advisories/22187/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access WHERE: From...
Apple Mac OS X may allow network accounts to bypass service access controls
Overview Apple Mac OS X may allow network accounts to bypass service access controls. This vulnerability may allow remote users with a valid network account to bypass LoginWindow service access controls. Description Remote access to a system can be restricted by service access controls via...
Mac OS X 10.4.x < 10.4.8 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.8. Mac OS X 10.4.8 contains several security fixes for the following programs : - CFNetwork - Flash Player - ImageIO - Kernel - LoginWindow - Preferences - QuickDraw Manager - SASL - WebCore - Workgroup Manager C Tenabl...
Mac OS X Multiple Vulnerabilities (Security Update 2006-001)
The remote host is running Apple Mac OS X, but lacks Security Update 2006-001. This security update contains fixes for the following applications : apachemodphp automount Bom Directory Services iChat IPSec LaunchServices LibSystem loginwindow Mail rsync Safari Syndication C Tenable Network...
CVE-2005-2509
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts...
CVE-2005-2509
Technical details of CVE-2005-2509 are not publicly available in the provided documents; no affected products, impact, or remediation details are documented here. Monitor for updates.
Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow -...
CVE-2004-0622
Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login aka Loginwindow.app, Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory...
CVE-2004-0962
Apple Remote Desktop Client 1.2.4 is affected: when launched by an Apple Remote Desktop Administrator, it can run a GUI application as root, enabling remote authenticated users to execute arbitrary code with loginwindow active via Fast User Switching. This is corroborated by Red Hat and CVE datab...
CVE-2004-0515
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."...
CVE-2004-0514
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups."...