VYPR

Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2004-0517Aug 18, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.

  • CVE-2004-0514Aug 18, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups."

  • CVE-2004-0518Aug 18, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors.

  • CVE-2004-0516Aug 18, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.

  • CVE-2004-0515Aug 18, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."

  • CVE-2004-0538Aug 6, 2004
    risk 0.00cvss epss 0.02

    LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.

  • CVE-2004-0539Aug 6, 2004
    risk 0.00cvss epss 0.05

    The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.

  • CVE-2004-0428May 3, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact.

  • CVE-2003-1008Mar 29, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.

  • CVE-2003-0601Mar 29, 2004
    risk 0.00cvss epss 0.01

    Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved.

  • CVE-2003-1007Mar 29, 2004
    risk 0.00cvss epss 0.01

    AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact.

  • CVE-2003-1009Mar 29, 2004
    risk 0.00cvss epss 0.05

    Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain…

  • CVE-2004-0166Mar 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar."

  • CVE-2004-0165Mar 15, 2004
    risk 0.00cvss epss 0.04

    Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.

  • CVE-2004-0168Mar 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."

  • CVE-2004-0167Mar 15, 2004
    risk 0.00cvss epss 0.02

    DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media.

  • CVE-2003-1005Dec 31, 2003
    risk 0.00cvss epss 0.02

    The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.

  • CVE-2003-0975Dec 15, 2003
    risk 0.00cvss epss 0.01

    Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

  • CVE-2003-0913Dec 1, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."

  • CVE-2003-0804Nov 17, 2003
    risk 0.00cvss epss 0.01

    The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.

Page 33 of 34