Vulnerabilities > CVE-2005-1472 - Unspecified vulnerability in Apple mac OS X 10.4.1

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

apple

nessus

NVD

Published: 2005-05-19

Updated: 2008-09-05

Summary

Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X 10.4.1	1

Nessus

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_10_4_1.NASL
description	The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.1. Mac OS X 10.4.1 contains several security fixes for : - Bluetooth - Dashboard - Kernel - SecurityAgent
last seen	2020-06-01
modified	2020-06-02
plugin id	18353
published	2005-05-20
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/18353
title	Mac OS X 10.4.x < 10.4.1 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(18353); script_version ("1.19"); script_cve_id("CVE-2005-1472", "CVE-2005-1473", "CVE-2005-1474"); script_bugtraq_id(13694, 13695, 13696); script_name(english:"Mac OS X 10.4.x < 10.4.1 Multiple Vulnerabilities"); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes various security issues." ); script_set_attribute(attribute:"description", value: "The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.1. Mac OS X 10.4.1 contains several security fixes for : - Bluetooth - Dashboard - Kernel - SecurityAgent" ); # http://web.archive.org/web/20090106074817/http://support.apple.com/kb/TA23244?viewlocale=en_US script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e2ed7e60" ); script_set_attribute(attribute:"solution", value: "Upgrade to Mac OS X 10.4.1." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value: "2005/05/20"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/05/09"); script_set_attribute(attribute:"patch_publication_date", value: "2005/05/19"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_end_attributes(); script_summary(english:"Check for the version of Mac OS X"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"MacOS X Local Security Checks"); script_dependencies("ssh_get_info.nasl", "mdns.nasl"); #script_require_keys("Host/MacOSX/packages"); exit(0); } os = get_kb_item("Host/MacOSX/Version"); if ( ! os ) os = get_kb_item("mDNS/os"); if ( ! os ) exit(0); if ( ereg(pattern:"Mac OS X 10\.4$", string:os )) security_warning(0);

References

http://lists.apple.com/archives/security-announce/2005/May/msg00004.html