Vulnerabilities > CVE-2007-0736 - Multiple Security vulnerability in Apple Mac OS X 2007-004
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
Vulnerable Configurations
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_SECUPD2007-004.NASL |
description | The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2007-004 applied. This update fixes security flaws in the following applications : AFP Client AirPort CarbonCore diskdev_cmds fetchmail ftpd gnutar Help Viewer HID Family Installer Kerberos Libinfo Login Window network_cmds SMB System Configuration URLMount Video Conference WebDAV |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25081 |
published | 2007-04-21 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25081 |
title | Mac OS X Multiple Vulnerabilities (Security Update 2007-004) |
code |
|
References
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34861
- http://www.securityfocus.com/bid/23569
- http://www.securitytracker.com/id?1017942
- http://www.us-cert.gov/cas/techalerts/TA07-109A.html
- http://www.vupen.com/english/advisories/2007/1470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33782