Vulnerabilities > Apple > MAC OS X Server > 10.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-10-07 | CVE-2005-0373 | Remote And Local vulnerability in Cyrus SASL Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | 7.5 |
| 2004-07-07 | CVE-2004-0430 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | 5.1 |
| 2004-05-03 | CVE-2004-0428 | Large Input vulnerability in Apple Mac OS X CoreFoundation Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | 5.0 |
| 2004-03-29 | CVE-2003-1009 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. | 10.0 |
| 2004-03-29 | CVE-2003-1006 | Local Buffer Overflow vulnerability in MacOSX CD9660.Util Probe For Mounting Argument Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | 7.2 |
| 2004-03-29 | CVE-2003-0601 | Unspecified vulnerability in Apple mac OS X Server Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. | 7.5 |
| 2004-03-15 | CVE-2004-0165 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | 5.0 |
| 2003-11-17 | CVE-2003-0804 | The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | 5.0 |
| 2003-11-03 | CVE-2003-0876 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended. | 2.1 |
| 2003-10-06 | CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | 10.0 |