CVE-2003-1009 — Apple MAC OS X vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

1.1%

top 22.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMar 29

Latest updateApr 29

Description

Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDapple/mac_os_x_server12 versions+11

▶NVDapple/mac_os_x4 versions+3

Patches

Patch: docs.info.apple.com ↗Patch: docs.info.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-jrqc-6vfg-cfj2: Directory Services in Apple Mac OS X 10↗2022-04-29

▶

💬Community

Bugzilla

CVE-2008-1078 am-utils: insecure usage of temporary files↗2008-02-29

▶