ID CVE-2009-2828
Summary The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
References
Vulnerable Configurations
  • Apple Mac OS X 10.5.8
    cpe:2.3:o:apple:mac_os_x:10.5.8
  • Apple Mac OS X Server 10.5.8
    cpe:2.3:o:apple:mac_os_x_server:10.5.8
CVSS
Base: 7.5 (as of 11-11-2009 - 10:21)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family MacOS X Local Security Checks
NASL id MACOSX_SECUPD2009-006.NASL
description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2009-006 applied. This security update contains fixes for the following products : - AFP Client - Adaptive Firewall - Apache - Apache Portable Runtime - ATS - Certificate Assistant - CoreGraphics - CUPS - Dictionary - DirectoryService - Disk Images - Event Monitor - fetchmail - FTP Server - Help Viewer - International Components for Unicode - IOKit - IPSec - libsecurity - libxml - OpenLDAP - OpenSSH - PHP - QuickDraw Manager - QuickLook - FreeRADIUS - Screen Sharing - Spotlight - Subversion
last seen 2019-02-21
modified 2018-07-16
plugin id 42433
published 2009-11-09
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=42433
title Mac OS X Multiple Vulnerabilities (Security Update 2009-006)
refmap via4
apple APPLE-SA-2009-11-09-1
bid 36956
confirm http://support.apple.com/kb/HT3937
vupen ADV-2009-3184
Last major update 17-11-2009 - 02:02
Published 10-11-2009 - 14:30
Back to Top