Mac OS X Server

CVEs (668)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2003-0466	Ftpd Ftpd	Cri	0.73	9.8	0.78	Aug 27, 2003	Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow,…
CVE-2007-3798	Tcpdump Tcpdump	Cri	0.72	9.8	0.70	Jul 16, 2007	Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CVE-2010-1205	Libpng Libpng	Cri	0.70	9.8	0.43	Jun 30, 2010	Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-0211	OpenLDAP Openldap	Cri	0.69	9.8	0.29	Jul 28, 2010	The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN…
CVE-2008-0599	PHP PHP	Cri	0.65	9.8	0.11	May 5, 2008	The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
CVE-2005-1689	Mit Kerberos 5	Cri	0.65	9.8	0.11	Jul 18, 2005	Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2010-1378	Apple Inc. Mac OS X	Cri	0.64	9.8	0.01	Nov 15, 2010	OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.
CVE-2010-2941	Apple Inc. Cups	Cri	0.64	9.8	0.06	Nov 5, 2010	ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP…
CVE-2009-2422	Rubyonrails Ruby on Rails	Cri	0.64	9.8	0.03	Jul 10, 2009	The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers…
CVE-2002-1347	Cyrus SASL Cyrus SASL library	Cri	0.64	9.8	0.07	Dec 18, 2002	Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication…
CVE-2016-4694	Apple Inc. Apache HTTP Server	Cri	0.59	9.1	0.01	Sep 25, 2016	The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to…
CVE-2010-0037	Apple Inc. Mac OS X	Hig	0.58	8.8	0.05	Jan 20, 2010	Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.
CVE-2008-3637	Apple Inc. Mac OS X	Hig	0.58	8.8	0.06	Sep 26, 2008	The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."
CVE-2009-0949	Apple Inc. Cups	Hig	0.53	7.5	0.20	Jun 9, 2009	The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive…
CVE-2008-5183	Apple Inc. Cups	Hig	0.52	7.5	0.09	Nov 21, 2008	cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging…
CVE-2010-1821	Apple Inc. Mac OS X	Hig	0.51	7.8	0.00	Apr 13, 2017	Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
CVE-2010-1816	Apple Inc. Mac OS X	Hig	0.51	7.8	0.02	Apr 13, 2017	Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
CVE-2010-0036	Apple Inc. Mac OS X	Hig	0.51	7.8	0.04	Jan 20, 2010	Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.
CVE-2006-4095	Isc Bind	Hig	0.50	7.5	0.13	Sep 6, 2006	BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
CVE-2004-0079	OpenSSL Project OpenSSL	Hig	0.50	7.5	0.10	Nov 23, 2004	The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVE-2003-0466CriAug 27, 2003
Ftpd
Ftpd
risk 0.73cvss 9.8epss 0.78
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow,…
CVE-2007-3798CriJul 16, 2007
Tcpdump
Tcpdump
risk 0.72cvss 9.8epss 0.70
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CVE-2010-1205CriJun 30, 2010
Libpng
Libpng
risk 0.70cvss 9.8epss 0.43
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-0211CriJul 28, 2010
OpenLDAP
Openldap
risk 0.69cvss 9.8epss 0.29
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN…
CVE-2008-0599CriMay 5, 2008
PHP
PHP
risk 0.65cvss 9.8epss 0.11
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
CVE-2005-1689CriJul 18, 2005
Mit
Kerberos 5
risk 0.65cvss 9.8epss 0.11
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2010-1378CriNov 15, 2010
Apple Inc.
Mac OS X
risk 0.64cvss 9.8epss 0.01
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.
CVE-2010-2941CriNov 5, 2010
Apple Inc.
Cups
risk 0.64cvss 9.8epss 0.06
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP…
CVE-2009-2422CriJul 10, 2009
Rubyonrails
Ruby on Rails
risk 0.64cvss 9.8epss 0.03
The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers…
CVE-2002-1347CriDec 18, 2002
Cyrus SASL
Cyrus SASL library
risk 0.64cvss 9.8epss 0.07
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication…
CVE-2016-4694CriSep 25, 2016
Apple Inc.
Apache HTTP Server
risk 0.59cvss 9.1epss 0.01
The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to…
CVE-2010-0037HigJan 20, 2010
Apple Inc.
Mac OS X
risk 0.58cvss 8.8epss 0.05
Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.
CVE-2008-3637HigSep 26, 2008
Apple Inc.
Mac OS X
risk 0.58cvss 8.8epss 0.06
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."
CVE-2009-0949HigJun 9, 2009
Apple Inc.
Cups
risk 0.53cvss 7.5epss 0.20
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive…
CVE-2008-5183HigNov 21, 2008
Apple Inc.
Cups
risk 0.52cvss 7.5epss 0.09
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging…
CVE-2010-1821HigApr 13, 2017
Apple Inc.
Mac OS X
risk 0.51cvss 7.8epss 0.00
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
CVE-2010-1816HigApr 13, 2017
Apple Inc.
Mac OS X
risk 0.51cvss 7.8epss 0.02
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
CVE-2010-0036HigJan 20, 2010
Apple Inc.
Mac OS X
risk 0.51cvss 7.8epss 0.04
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.
CVE-2006-4095HigSep 6, 2006
Isc
Bind
risk 0.50cvss 7.5epss 0.13
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
CVE-2004-0079HigNov 23, 2004
OpenSSL Project
OpenSSL
risk 0.50cvss 7.5epss 0.10
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Page 1 of 34