Mac Os X@* Security Vulnerabilities and Issues — Mac Os X@* CVE List

Lucene search

AppleMac Os X*

6 matches found

CVE•added 2003/11/03 5:0 a.m.•49 views

CVE-2003-0881

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

7.5CVSS7.5AI score0.00785EPSS

CVE•added 2003/11/03 5:0 a.m.•46 views

CVE-2003-0882

Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.

5CVSS7AI score0.00497EPSS

CVE•added 2003/06/16 4:0 a.m.•43 views

CVE-2003-0378

The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set.

7.5CVSS6.8AI score0.00348EPSS

CVE•added 2003/06/09 4:0 a.m.•41 views

CVE-2003-0242

IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies.

7.5CVSS6.6AI score0.01404EPSS

CVE•added 2003/11/03 5:0 a.m.•41 views

CVE-2003-0880

Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.

4.6CVSS6.7AI score0.00061EPSS

CVE•added 2003/11/03 5:0 a.m.•40 views

CVE-2003-0878

slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.

2.1CVSS6.8AI score0.00242EPSS