Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2430
HistoryNov 17, 2007 - 12:00 a.m.

Apple Mac OS X应用防火墙非授权网络访问漏洞

2007-11-1700:00:00
Root
www.seebug.org
18

0.036 Low

EPSS

Percentile

91.7%

JSON

BUGTRAQ ID: 26460
CVE(CAN) ID: CVE-2007-4703

Apple Mac OS X是苹果家族机器所使用的操作系统。

Mac OS X应用防火墙的实现上存在漏洞,可能导致非授权的网络访问。

Mac OS X应用防火墙的“设置特定服务和应用程序的访问”设置没有正确地实施安全策略,即使已经将可执行程序明确的添加到了程序列表中并标记为“阻断所有入站连接”,以root用户权限(UID 0)运行的进程仍可接收入站连接,这可能导致非预期的暴露某些网络服务,攻击者可以执行各种网络攻击入侵系统。

Apple Mac OS X 10.5
Apple MacOS X Server 10.5
Apple

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16133&amp;cat=60&amp;platform=osx&amp;method=sa/MacOSXUpd10.5.1.dmg” target=“_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16133&amp;cat=60&amp;platform=osx&amp;method=sa/MacOSXUpd10.5.1.dmg</a>
<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16134&amp;cat=60&amp;platform=osx&amp;method=sa/MacOSXServerUpd10.5.1.dmg” target=“_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16134&amp;cat=60&amp;platform=osx&amp;method=sa/MacOSXServerUpd10.5.1.dmg</a>

Related

cvelist 1
cve 1
nvd 1
prion 1
nessus 1
openvas 2
cvelist
cvelist
CVE-2007-4703
2007-11-15 20:00:00
cve
cve
CVE-2007-4703
2007-11-15 20:46:00
nvd
nvd
CVE-2007-4703
2007-11-15 20:46:00
prion
prion
Security feature bypass
2007-11-15 20:46:00
nessus
nessus
Mac OS X 10.5.x < 10.5.1 Multiple Vulnerabilities
2007-11-16 00:00:00
openvas
openvas
Mac OS X 10.5.1 Security Update (HT2169)
2010-05-12 00:00:00
Mac OS X 10.5.1 Update
2010-05-12 00:00:00

0.036 Low

EPSS

Percentile

91.7%

JSON
Related for SSV:2430
cvelist1cve1nvd1prion1nessus1openvas2