Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X Server  >> 10.2.8  Security Vulnerabilities
CVE-2005-0126
ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap.
CVSS Score
7.5
EPSS Score
0.007
Published
2005-05-02
CVE-2005-0342
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
CVSS Score
2.1
EPSS Score
0.002
Published
2005-05-02
CVE-2004-0886
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVSS Score
5.0
EPSS Score
0.11
Published
2005-01-27
CVE-2004-0921
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.
CVSS Score
7.5
EPSS Score
0.004
Published
2005-01-27
CVE-2004-0922
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-01-27
CVE-2004-0923
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-01-27
CVE-2004-0924
NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-01-27
CVE-2004-0926
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
CVSS Score
10.0
EPSS Score
0.037
Published
2005-01-27
CVE-2004-0927
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
CVSS Score
5.0
EPSS Score
0.002
Published
2005-01-27
CVE-2004-1123
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
CVSS Score
5.0
EPSS Score
0.008
Published
2005-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved