Vulnerabilities > CVE-2005-1340 - Remote Security vulnerability in Apple mac OS X 10.3.9

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

apple

nessus

NVD

Published: 2005-05-04

Updated: 2008-09-05

Summary

The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X 10.3.9	1

Nessus

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_SECUPD2005-005.NASL
description	The remote host is missing Security Update 2005-005. This security update contains fixes for the following applications : - Apache - AppKit - AppleScript - Bluetooth - Directory Services - Finder - Foundation - HelpViewer - LDAP - libXpm - lukemftpd - NetInfo - ServerAdmin - sudo - Terminal - VPN These programs have multiple vulnerabilities that could allow a remote attacker to execute arbitrary code.
last seen	2020-06-01
modified	2020-06-02
plugin id	18189
published	2005-05-03
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/18189
title	Mac OS X Multiple Vulnerabilities (Security Update 2005-005)

References

http://lists.apple.com/archives/security-announce/2005/May/msg00001.html