Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

12 matches found

CVE•added 2003/05/05 4:0 a.m.•201 views

CVE-2003-0198

Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.

6.4CVSS6.8AI score0.00448EPSS

CVE•added 2003/08/27 4:0 a.m.•130 views

CVE-2003-0466

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) ...

10CVSS9.8AI score0.84747EPSS

CVE•added 2003/10/06 4:0 a.m.•92 views

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10CVSS7.7AI score0.7608EPSS

CVE•added 2003/10/06 4:0 a.m.•72 views

CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

7.5CVSS6.8AI score0.1288EPSS

CVE•added 2003/11/17 5:0 a.m.•57 views

CVE-2003-0804

The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.

5CVSS6.6AI score0.00739EPSS

CVE•added 2003/05/05 4:0 a.m.•54 views

CVE-2003-0171

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.

7.2CVSS7.2AI score0.00132EPSS

CVE•added 2003/11/03 5:0 a.m.•51 views

CVE-2003-0876

Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.

2.1CVSS6.5AI score0.00084EPSS

CVE•added 2003/08/18 4:0 a.m.•50 views

CVE-2003-0518

The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.

4.6CVSS7.2AI score0.00094EPSS

CVE•added 2003/03/03 5:0 a.m.•49 views

CVE-2003-0049

Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password.

7.5CVSS6.1AI score0.0054EPSS

CVE•added 2003/12/01 5:0 a.m.•49 views

CVE-2003-0913

Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."

4.6CVSS6.6AI score0.0009EPSS

CVE•added 2003/11/03 5:0 a.m.•46 views

CVE-2003-0871

Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."

7.5CVSS7.2AI score0.00557EPSS

CVE•added 2003/12/15 5:0 a.m.•44 views

CVE-2003-0975

Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

5CVSS6.1AI score0.00404EPSS