Apple Mac Os X Server vulnerabilities

CVE-2006-0384 [HIGH] CVE-2006-0384: automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (un automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names".

CVE-2006-0383 [MEDIUM] CVE-2006-0383: IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions".

CVE-2006-0848 [MEDIUM] CWE-16 CVE-2006-0848: The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assi The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file th

CVE-2005-2713 [MEDIUM] CVE-2005-2713: passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.

CVE-2005-3712 [MEDIUM] CWE-119 CVE-2005-3712: Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated user Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.

CVE-2005-2714 [MEDIUM] CWE-59 CVE-2005-2714: passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.

CVE-2005-3706 [MEDIUM] CVE-2005-3706: Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent att Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.

CVE-2005-3782 [LOW] CVE-2005-3782: Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show t Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.

CVE-2005-4504 [HIGH] CVE-2005-4504: The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earli The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.

CVE-2005-4217 [HIGH] CWE-264 CVE-2005-4217: Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.

CVE-2005-3705 [HIGH] CVE-2005-3705: Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in appli Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.

CVE-2005-2757 [HIGH] CVE-2005-2757: Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."

CVE-2005-3701 [HIGH] CVE-2005-3701: Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an O Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors.

CVE-2005-3700 [MEDIUM] CVE-2005-3700: Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Serve Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.

CVE-2005-3704 [MEDIUM] CVE-2005-3704: System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof s System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).

CVE-2005-3702 [MEDIUM] CVE-2005-3702: Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be do Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.

CVE-2005-2752 [LOW] CVE-2005-2752: An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.

CVE-2005-2749 [LOW] CVE-2005-2749: Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.

CVE-2005-2750 [LOW] CVE-2005-2750: Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without ask Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed.

CVE-2005-2751 [LOW] CVE-2005-2751: memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access co memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.