Apple Mac Os X Server vulnerabilities

654 known vulnerabilities affecting apple/mac_os_x_server.

Total CVEs

654

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL75HIGH157MEDIUM363LOW59

Vulnerabilities

Page 30 of 33

CVE-2005-0127MEDIUMCVSS 5.0v10.3.72005-05-02

CVE-2005-0127 [MEDIUM] CVE-2005-0127: Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes inform Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine.

nvd

CVE-2005-0975LOWCVSS 2.1v10.3v10.3.1+6 more2005-05-02

CVE-2005-0975 [LOW] CVE-2005-0975: Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.

nvd

CVE-2005-0342LOWCVSS 2.1PoCv10.0v10.1+22 more2005-05-02

CVE-2005-0342 [LOW] CVE-2005-0342: The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileg The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.

nvd

CVE-2005-1043MEDIUMCVSS 5.0v10.3.9v10.4+1 more2005-04-14

CVE-2005-1043 [MEDIUM] CVE-2005-1043: exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

nvd

CVE-2005-0716HIGHCVSS 7.2PoCv10.3v10.3.1+5 more2005-03-21

CVE-2005-0716 [HIGH] CVE-2005-0716: Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possib Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.

nvd

CVE-2005-0713MEDIUMCVSS 4.6PoCv10.3v10.3.1+6 more2005-03-21

CVE-2005-0713 [MEDIUM] CVE-2005-0713: The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluet The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.

nvd

CVE-2005-0715LOWCVSS 2.1v10.3v10.3.1+6 more2005-03-21

CVE-2005-0715 [LOW] CVE-2005-0715: AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box.

nvd

CVE-2004-0926CRITICALCVSS 10.0v10.2v10.2.1+13 more2005-01-27

CVE-2004-0926 [CRITICAL] CVE-2004-0926: Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attac Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.

nvd

CVE-2004-0921HIGHCVSS 7.5v10.2v10.2.1+13 more2005-01-27

CVE-2004-0921 [HIGH] CVE-2004-0921: AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.

nvd

CVE-2004-0925MEDIUMCVSS 5.0v10.3v10.3.1+4 more2005-01-27

CVE-2004-0925 [MEDIUM] CVE-2004-0925: Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the user Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.

nvd

CVE-2004-0927MEDIUMCVSS 5.0v10.2v10.2.1+13 more2005-01-27

CVE-2004-0927 [MEDIUM] CVE-2004-0927: ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.

nvd

CVE-2004-0924MEDIUMCVSS 5.0v10.2v10.2.1+13 more2005-01-27

CVE-2004-0924 [MEDIUM] CVE-2004-0924: NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root acc NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.

nvd

CVE-2004-0922MEDIUMCVSS 5.0v10.2v10.2.1+13 more2005-01-27

CVE-2004-0922 [MEDIUM] CVE-2004-0922: AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest g AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.

nvd

CVE-2004-0886MEDIUMCVSS 5.0v10.2v10.2.1+14 more2005-01-27

CVE-2004-0886 [MEDIUM] CVE-2004-0886: Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

nvd

CVE-2004-0923LOWCVSS 2.1v10.2v10.2.1+13 more2005-01-27

CVE-2004-0923 [LOW] CVE-2004-0923: CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, w CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.

nvd

CVE-2004-1123MEDIUMCVSS 5.0v10.2v10.2.1+14 more2005-01-10

CVE-2004-1123 [MEDIUM] CVE-2004-1123: Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a den Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.

nvd

CVE-2004-0090CRITICALCVSS 10.0v10.1.5v10.2+11 more2004-12-31

CVE-2004-0090 [CRITICAL] CVE-2004-0090: Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors.

nvd

CVE-2004-0821HIGHCVSS 7.2v10.2.8v10.3.4+1 more2004-12-31

CVE-2004-0821 [HIGH] CVE-2004-0821: The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, w The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges.

nvd

CVE-2004-0825MEDIUMCVSS 5.0v10.2.8v10.3.4+1 more2004-12-31

CVE-2004-0825 [MEDIUM] CVE-2004-0825: QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations.

nvd

CVE-2004-1832MEDIUMCVSS 5.0v10.32004-12-31

CVE-2004-1832 [MEDIUM] CVE-2004-1832: Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660.

nvd

← Previous30 / 33Next →