| 6! | Apple Mac OS X multiple security vulnerabilities
updated since 15.11.2007
|
 | | Mach ports privilege escalation. Multiple Appletalk protocol handling vulnerabilities. ldt privilege escalation. |
| 6! | Apple Mac OS X RPC portmapper service integer overflow
|
| | Integer overflow during AUTH_UNIX RPC uahtneitcation. |
| | Apple MacOS X multiple security vulnerabilities
|
| | Mac OS X security update closes a number of vulnerabilities. |
| 7! | NetBSD and Mac OS X ftpd / tnftpd buffer overflow
|
| | Buffer overflow in NLST FTP command file globbing. |
| 9! | Multiple Intel Centrino / PROSet / Apple Airport wireless drivers security vulnerabilities
updated since 10.08.2006
|
| | Multiple vulnerabilities, including local privilege escalation anre remote code execution. |
| 7! | Multiple Apple MacOS X security vulnerabilities
updated since 12.05.2006
|
| | Security update for May fixes 25 different vulnerabilities. |
| 6! | Apple MacOS X passwd privilege escalation
updated since 02.03.2006
|
| | Few vulnerabilities (symbolic links, race conditions) allow any system files editing. |
| | MacOS X perl privilege escalation
|
| | Instruction "$< = numeric_id;" for setting uid doesn't work. |
| 8! | Multiple MacOS X vulnerabilites
|
| | ImageIO GIF files parsing buffer overflow, Mail.app information leakage, QuickDraw Manager PICT files parsing buffer overflow, Java virtual machine quick time extensions safe mode protection bypass, Safari crossite scripting. |
| 7! | Multiple MacOS X vulnerabilities
updated since 18.08.2005
|
| | Apple Mac OS X Directory Services contains a buffer overflow, Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow, Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files, Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files, Apple Mac OS X Safari vulnerable to arbitrary command execution via URLs in PDF files, Apple Safari fails to perform security checks on links in rich text content. |
| 8! | Multiple Apple MacOS X vulnerabilities
updated since 04.05.2005
|
| | NeST buffer overflow. Выполнение javascript in local context with Help Viewer, insufficient input balidation in URL Protocol Messaging, insufficient input validation in x-man-path:, insufficient input validation in terminal emulators. Multiple bluetooth vulnerabilities. vpnd buffer overflow. |
| | MacOS X terminals information leak
|
| | Unprivileged user is unable to obtain exclusive tty access. |
| 6! | telnet client multiple buffer overflows
updated since 31.03.2005
|
| | env_opt_add(), slc_add_reply() buffer overflows. |
| 7! | Apple MacOS X environment variable buffer overflow
|
| | Buffer overflow on oversized CF_CHARSET_PATH variable. |
| | MacOS X AFS (Apple File Server) AFP (Apple Filing Protocol) FPLoginExt DoS |
| | | |
| | MacOS X at scheduling utilities privelege escalation
|
| | During execution of user's batch job system groups membership is not dropped. |
| | Multiple Darwin/MacOS X kernel bugs
|
| | DoS on parsing executable format, access behind array boundaries. |
| | Adobe version cue privilege escalation
|
| | External application invoked with relative path. |
| 6! | Multiple Safari bugs
|
| | Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS, System access. |
| 6! | MacOS X Internet Connect symbolic links
|
| | ppp.log is created in /tmp in unsafe way. |
| 6! | MacOS X cleartext passwords in memory
|
| | Passwords are stored in swap and memory in cleartext. |
| 6! | Multiple MacOS X bugs
updated since 08.06.2004
|
| | Problems with launching of download application. |
| 7! | MacOS X browsers files overwriting and scripts execution (multiple bugs)
updated since 17.05.2004
|
| | By using vulnerability in telnet: protocol handling it's possible to add -f option to telnet command line. help: protocol handler allows scripts execution via help: command. |
| 6! | Apple File Sharing bugger overflow
|
| | Preauthentication buffer overflow. |
| | MacOS X ppd format string bug
|
| | It's possible to read process memory. |
| 6! | MacOS X TruBlueEnvironment buffer overflow
|
| | Buffer overflow on environment variables parsing. |
| 6! | MacOS X cd9660.util buffer overflow
|
| | Buffer overflow on command line parsing. |
| | MacOS X privilege escalation
|
| | If short after sudo command computer was switched to sleep mode, it's still possible to use elevated privileges immediately after turning on again. |
| 6! | MacOS X core files symbolic links
|
| | core files are created in world-writable /core directory without symbolic links check. |
| 8! | MacOS X oversized argv buffer overflow
|
| | Buffer overflow in kernel on oversized command argument. |
| | MacOS X screensaver protection bypass
|
| | Keys pressed shortly before the authentication
window appears will be sent to the general user environment. |
| | MacOS X Personal Firewall protection bypass
|
| | Only TCP connections are blocked with firewall. |
| | |
