Next: Security Vulnerabilities
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function.
CVSS Score
7.2
EPSS Score
0.011
Published
2006-10-03
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
CVSS Score
7.2
EPSS Score
0.001
Published
1997-09-19
Buffer overflow of rlogin program using TERM environmental variable.
CVSS Score
10.0
EPSS Score
0.035
Published
1997-02-06
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
CVSS Score
7.2
EPSS Score
0.002
Published
1996-10-25
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVSS Score
1.9
EPSS Score
0.001
Published
1996-04-18
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
CVSS Score
6.2
EPSS Score
0.001
Published
1991-10-22
The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.
CVSS Score
10.0
EPSS Score
0.01
Published
1991-05-14
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.005
Published
1990-10-03
Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.
CVSS Score
7.2
EPSS Score
0.004
Published
1990-10-03
Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.005
Published
1990-10-03
Page 1