cvelistv5 - CVE-2006-0384

CVE-2006-0384 (GCVE-0-2006-0384)

Vulnerability from cvelistv5

Published

2006-03-02 19:00

Modified

2024-08-07 16:34

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CERTA-2006-AVI-096

Vulnerability from certfr_avis

None

Description

Apple propose une mise à jour de sécurité pour différentes versions de MacOS X. Celle-ci est relative à des vulnérabilités concernant plusieurs composants de MacOS X, dont certaines ont fait l'objet d'avis ou d'alertes publiés par le CERTA en 2005 et 2006. Ceux-ci sont référencés dans la section documentation. Ils concernent entre autres :

Vulnérabilités du module apache_mod_php.
Vulnérabilités concernant le format des fichiers traités par Mail ou Safari.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X Server v10.4.5
Intel	N/A	Mac OS X v10.4.5 (PowerPC et Intel)
Intel	N/A	Mac OS X Server v10.3.9
Intel	N/A	Mac OS X v10.3.9

References

Title

Publication Time

gsd-2006-0384

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-0384

Aliases

CVE-2006-0384

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0384",
    "description": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\".",
    "id": "GSD-2006-0384"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0384"
      ],
      "details": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\".",
      "id": "GSD-2006-0384",
      "modified": "2023-12-13T01:19:50.666570Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-0384",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\"."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "23640",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/23640"
          },
          {
            "name": "1015709",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015709"
          },
          {
            "name": "19064",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19064"
          },
          {
            "name": "16907",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/16907"
          },
          {
            "name": "ADV-2006-0791",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0791"
          },
          {
            "name": "APPLE-SA-2006-03-01",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
          },
          {
            "name": "TA06-062A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
          },
          {
            "name": "macosx-automount-execute-code(25021)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=303382",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=303382"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0384"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\"."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2006-03-01",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
            },
            {
              "name": "16907",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/16907"
            },
            {
              "name": "19064",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19064"
            },
            {
              "name": "1015709",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015709"
            },
            {
              "name": "23640",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/23640"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=303382",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=303382"
            },
            {
              "name": "TA06-062A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
            },
            {
              "name": "ADV-2006-0791",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0791"
            },
            {
              "name": "macosx-automount-execute-code(25021)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:29Z",
      "publishedDate": "2006-03-02T19:06Z"
    }
  }
}

ghsa-9c95-h326-chqh

Vulnerability from github

Published

2022-05-01 06:39

Modified

2022-05-01 06:39

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0384"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-03-02T19:06:00Z",
    "severity": "HIGH"
  },
  "details": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\".",
  "id": "GHSA-9c95-h326-chqh",
  "modified": "2022-05-01T06:39:31Z",
  "published": "2022-05-01T06:39:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0384"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=303382"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19064"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015709"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/23640"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/16907"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0791"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

var-200603-0273

Vulnerability from variot

automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". Apple has also released updates to address these issues. Details of the fixes are available via the PHP web site (www.php.net). PHP ships with Mac OS X but is disabled by default. This framework is vulnerable to a directory traversal attack that can allow archived files to be unpacked into arbitrary locations that are writable by the current user. This update addresses the issue by properly sanitizing those paths. Credit to Stephane Kardas of CERTA for reporting this issue. This could lead to privilege elevation. This update addresses the issue by anticipating a hostile environment and by creating temporary files securely. Credit to Ilja van Sprundel of Suresec LTD, vade79, and iDefense (idefense.com) for reporting this issue. This update secures the method in which a FileVault image is created. This update addresses the issues by correctly handling the conditions that may cause crashes. Credit to OUSPG from the University of Oulu, NISCC, and CERT-FI for coordinating and reporting this issue. This could cause the targeted application to crash or execute arbitrary code. This update addresses the issue by correctly handling these memory requests. This issue does not affect systems prior to Mac OS X v10.4. Credit to Neil Archibald of Suresec LTD for reporting this issue. Certain techniques can be used to disguise the file's type so that Download Validation is bypassed. This update addresses the issue by presenting Download Validation with the entire file, providing more information for Download Validation to detect unknown or unsafe file types in attachments.

perl CVE-ID: CVE-2005-4217 Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9 Impact: Perl programs may fail to drop privileges Description: When a perl program running as root attempts to switch to another user ID, the operation may fail without notification to the program. This may cause a program to continue to run with root privileges, assuming they have been dropped. This can cause security issues in third-party tools. This update addresses the issue by preventing such applications from continuing if the operation fails. This issue does not affect Mac OS X v10.4 or later systems. Credit to Jason Self for reporting this issue. It may be possible for a malicious user with access to an rsync server to cause denial of service or code execution. This update addresses the problem by ensuring that the destination buffer is large enough to hold the extended attributes. This issue does not affect systems prior to Mac OS X v10.4. Credit to Jan-Derk Bakker for reporting this issue. This update addresses the issue by preventing the condition causing the overflow. Credit to Suresec LTD for reporting this issue. This update addresses the issue by performing additional bounds checking. An issue involving HTTP redirection can cause the browser to access a local file, bypassing certain restrictions. This update addresses the issue by preventing cross-domain HTTP redirects. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts.

Syndication CVE-ID: CVE-2006-0389 Available for: Mac OS X v10.4.5, Mac OS X Server v10.4.5 Impact: Subscriptions to malicious RSS content can lead to cross-site scripting Description: Syndication (Safari RSS) may allow JavaScript code embedded in feeds to run within the context of the RSS reader document, allowing malicious feeds to circumvent Safari's security model. This update addresses the issue by properly removing JavaScript code from feeds. Syndication is only available in Mac OS X v10.4 and later.

The following security enhancements are also included in this update:

FileVault: AES-128 encrypted FileVault disk images are now created with more restrictive operating system permissions. Credit to Eric Hall of DarkArt Consulting Services for reporting this issue.

iChat: A malicious application named Leap.A that attempts to propagate using iChat has been detected.

Users should use caution when opening files that are obtained from the network. Further information is available via: http://docs.info.apple.com/article.html?artnum=108009

Security Update 2006-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

For Mac OS X v10.4.5 (PowerPC) and Mac OS X Server v10.4.5 The download file is named: "SecUpd2006-001Ti.dmg" Its SHA-1 digest is: 999b73a54951b4e0a7f873fecf75f92840e8b439

For Mac OS X v10.4.5 (Intel) The download file is named: "SecUpd2006-001Intel.dmg" Its SHA-1 digest is: 473f94264876fa49fa15a8b6bb4bc30956502ad5

For Mac OS X v10.3.9 The download file is named: "SecUpd2006-001Pan.dmg" Its SHA-1 digest is: b6a000d451a1b1696726ff60142fc3da08042433

For Mac OS X Server v10.3.9 The download file is named: "SecUpdSrvr2006-001Pan.dmg" Its SHA-1 digest is: 2299380d72a61eadcbd0a5c6f46c924600ff5a9c

Information will also be posted to the Apple Product Security web site: http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.5 (Build 5050)

iQEVAwUBRAYYVoHaV5ucd/HdAQJQWggApQmizj2t3+/87Fqun66/HCEkFt2YhUoe cmel0/KwJhWrk+LV+CYvixbDvKuGIjP8CWB9/s78YN93pOI5WcfyTKd07rEQYkT4 i8KPrM9QjdvgIjKd6O/VAOkzBc3DqV7KNVR2Hewa3jOigTm7Yxil9o/nZt1TLxAI 9TN0uduc13WHC8WE2N41I8MQ+VdGTX3ANZkfgR90lua4A2E1ab9kCN2qbg+E7Cus SkwsKp0qSH7bl8v0/R6c1hsYG0T1RwSWU6arAEliqzrrIbCm0Yxtgwp/CYFWC46j TQNCcppNgcr/pVPojACy8WFtQ3wEb6rJ4ZjH1C5nOem2EoCBh10WFw== =1Ww0 -----END PGP SIGNATURE----- .

The weakness is caused due to an error in the KHTMLParser when parsing certain malformed HTML documents. This can be exploited to crash an application that uses the parser via a specially crafted HTML file. In certain cases, this may cause the system to become unresponsive. Other applications that use the parser may also be affected.

SOLUTION: Do not open or follow links to HTML files from non-trusted sources.

PROVIDED AND/OR DISCOVERED BY: Tom Ferris

ORIGINAL ADVISORY: http://security-protocols.com/advisory/sp-x22-advisory.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200603-0273",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.3"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.2"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.7"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.5"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.1"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.3"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.5"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.5"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.7"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.2"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.3"
      },
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.4.5"
      },
      {
        "model": "mac os x server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.4.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "16907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "St\u00e9phane Kardas",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-0384",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-0384",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-16492",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-0384",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-0384",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200603-008",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-16492",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\". \nApple has also released updates to address these issues. Details of the fixes are\navailable via the PHP web site (www.php.net). PHP ships with Mac OS\nX but is disabled by default. This framework is vulnerable to a directory\ntraversal attack that can allow archived files to be unpacked into\narbitrary locations that are writable by the current user. This\nupdate addresses the issue by properly sanitizing those paths. \nCredit to Stephane Kardas of CERTA for reporting this issue. This could lead to privilege elevation. This update\naddresses the issue by anticipating a hostile environment and by\ncreating temporary files securely. Credit to Ilja van Sprundel of\nSuresec LTD, vade79, and iDefense (idefense.com) for reporting this\nissue. This update secures the method in\nwhich a FileVault image is created. This update addresses the issues by\ncorrectly handling the conditions that may cause crashes. Credit to\nOUSPG from the University of Oulu, NISCC, and CERT-FI for\ncoordinating and reporting this issue. This could cause the targeted application to\ncrash or execute arbitrary code. This update addresses the issue by\ncorrectly handling these memory requests. This issue does not\naffect systems prior to Mac OS X v10.4. Credit to Neil Archibald of\nSuresec LTD for reporting this issue. Certain techniques can be used\nto disguise the file\u0027s type so that Download Validation is\nbypassed. This update addresses the issue by presenting Download\nValidation with the entire file, providing more information for\nDownload Validation to detect unknown or unsafe file types in\nattachments. \n\nperl\nCVE-ID:  CVE-2005-4217\nAvailable for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9\nImpact:  Perl programs may fail to drop privileges\nDescription:  When a perl program running as root attempts to switch\nto another user ID, the operation may fail without notification to\nthe program. This may cause a program to continue to run with root\nprivileges, assuming they have been dropped. This can cause\nsecurity issues in third-party tools. This update addresses the\nissue by preventing such applications from continuing if the\noperation fails. This issue does not affect Mac OS X v10.4 or later\nsystems. Credit to Jason Self for reporting this issue. It may be possible for a malicious user with\naccess to an rsync server to cause denial of service or code\nexecution. This update addresses the problem by ensuring that the\ndestination buffer is large enough to hold the extended attributes. \nThis issue does not affect systems prior to Mac OS X v10.4. Credit\nto Jan-Derk Bakker for reporting this issue. This update\naddresses the issue by preventing the condition causing the\noverflow. Credit to Suresec LTD for reporting this issue. This update addresses the issue by performing additional\nbounds checking. An issue involving HTTP\nredirection can cause the browser to access a local file, bypassing\ncertain restrictions. This update addresses the issue by preventing\ncross-domain HTTP redirects. When the \"Open `safe\u0027 files after downloading\" option\nis enabled in Safari\u0027s General preferences, visiting a malicious\nweb site may result in the automatic download and execution of such\na file. A proof-of-concept has been detected on public web sites\nthat demonstrates the automatic execution of shell scripts. \n\nSyndication\nCVE-ID:  CVE-2006-0389\nAvailable for:  Mac OS X v10.4.5, Mac OS X Server v10.4.5\nImpact:  Subscriptions to malicious RSS content can lead to\ncross-site scripting\nDescription:  Syndication (Safari RSS) may allow JavaScript code\nembedded in feeds to run within the context of the RSS reader\ndocument, allowing malicious feeds to circumvent Safari\u0027s security\nmodel. This update addresses the issue by properly removing\nJavaScript code from feeds. Syndication is only available in Mac OS\nX v10.4 and later. \n\nThe following security enhancements are also included in this update:\n\nFileVault: AES-128 encrypted FileVault disk images are now created\nwith more restrictive operating system permissions. Credit to Eric\nHall of DarkArt Consulting Services for reporting this issue. \n\niChat: A malicious application named Leap.A that attempts to\npropagate using iChat has been detected. \n\nUsers should use caution when opening files that are obtained from\nthe network. Further information is available via:\nhttp://docs.info.apple.com/article.html?artnum=108009\n\nSecurity Update 2006-001 may be obtained from the Software Update\npane in System Preferences, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.4.5 (PowerPC) and Mac OS X Server v10.4.5\nThe download file is named:  \"SecUpd2006-001Ti.dmg\"\nIts SHA-1 digest is:  999b73a54951b4e0a7f873fecf75f92840e8b439\n\nFor Mac OS X v10.4.5 (Intel)\nThe download file is named:  \"SecUpd2006-001Intel.dmg\"\nIts SHA-1 digest is:  473f94264876fa49fa15a8b6bb4bc30956502ad5\n\nFor Mac OS X v10.3.9\nThe download file is named:  \"SecUpd2006-001Pan.dmg\"\nIts SHA-1 digest is:  b6a000d451a1b1696726ff60142fc3da08042433\n\nFor Mac OS X Server v10.3.9\nThe download file is named:  \"SecUpdSrvr2006-001Pan.dmg\"\nIts SHA-1 digest is:  2299380d72a61eadcbd0a5c6f46c924600ff5a9c\n\nInformation will also be posted to the Apple Product Security\nweb site:\nhttp://docs.info.apple.com/article.html?artnum=61798\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttp://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.0.5 (Build 5050)\n\niQEVAwUBRAYYVoHaV5ucd/HdAQJQWggApQmizj2t3+/87Fqun66/HCEkFt2YhUoe\ncmel0/KwJhWrk+LV+CYvixbDvKuGIjP8CWB9/s78YN93pOI5WcfyTKd07rEQYkT4\ni8KPrM9QjdvgIjKd6O/VAOkzBc3DqV7KNVR2Hewa3jOigTm7Yxil9o/nZt1TLxAI\n9TN0uduc13WHC8WE2N41I8MQ+VdGTX3ANZkfgR90lua4A2E1ab9kCN2qbg+E7Cus\nSkwsKp0qSH7bl8v0/R6c1hsYG0T1RwSWU6arAEliqzrrIbCm0Yxtgwp/CYFWC46j\nTQNCcppNgcr/pVPojACy8WFtQ3wEb6rJ4ZjH1C5nOem2EoCBh10WFw==\n=1Ww0\n-----END PGP SIGNATURE-----\n. \n\nThe weakness is caused due to an error in the KHTMLParser when\nparsing certain malformed HTML documents. This can be exploited to\ncrash an application that uses the parser via a specially crafted\nHTML file. In certain cases, this may cause the system to become\nunresponsive. Other applications that use the\nparser may also be affected. \n\nSOLUTION:\nDo not open or follow links to HTML files from non-trusted sources. \n\nPROVIDED AND/OR DISCOVERED BY:\nTom Ferris\n\nORIGINAL ADVISORY:\nhttp://security-protocols.com/advisory/sp-x22-advisory.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "BID",
        "id": "16907"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "db": "PACKETSTORM",
        "id": "44321"
      },
      {
        "db": "PACKETSTORM",
        "id": "42522"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-0384",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "16907",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "23640",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "19064",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1015709",
        "trust": 1.7
      },
      {
        "db": "USCERT",
        "id": "TA06-062A",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-0791",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008",
        "trust": 0.7
      },
      {
        "db": "CERT/CC",
        "id": "TA06-062A",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2006-03-01",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "25021",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-16492",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "44321",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "18220",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "42522",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "db": "BID",
        "id": "16907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "PACKETSTORM",
        "id": "44321"
      },
      {
        "db": "PACKETSTORM",
        "id": "42522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "id": "VAR-200603-0273",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T19:51:31.024000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "16907",
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/16907"
      },
      {
        "title": "19064",
        "trust": 0.8,
        "url": "http://secunia.com/advisories/19064"
      },
      {
        "title": "article",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=303382"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2006/mar/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/16907"
      },
      {
        "trust": 1.7,
        "url": "http://www.us-cert.gov/cas/techalerts/ta06-062a.html"
      },
      {
        "trust": 1.7,
        "url": "http://docs.info.apple.com/article.html?artnum=303382"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/23640"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015709"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/19064"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/0791"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0384"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0384"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/0791"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/25021"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.3,
        "url": "http://www.suresec.org/advisories/adv11.pdf"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/426586"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2713"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0387"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=61798"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-4504"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3712"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2714"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0394"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3391"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0395"
      },
      {
        "trust": 0.1,
        "url": "https://www.php.net)."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-4217"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0391"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3319"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0383"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0384"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3353"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0388"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=108009"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3706"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-0386"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3392"
      },
      {
        "trust": 0.1,
        "url": "http://security-protocols.com/advisory/sp-x22-advisory.txt"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/18220/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/96/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "db": "BID",
        "id": "16907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "PACKETSTORM",
        "id": "44321"
      },
      {
        "db": "PACKETSTORM",
        "id": "42522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "db": "BID",
        "id": "16907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "db": "PACKETSTORM",
        "id": "44321"
      },
      {
        "db": "PACKETSTORM",
        "id": "42522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-03-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "date": "2006-03-01T00:00:00",
        "db": "BID",
        "id": "16907"
      },
      {
        "date": "2013-12-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "date": "2006-03-03T08:09:05",
        "db": "PACKETSTORM",
        "id": "44321"
      },
      {
        "date": "2005-12-23T08:37:20",
        "db": "PACKETSTORM",
        "id": "42522"
      },
      {
        "date": "2005-11-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "date": "2006-03-02T19:06:00",
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16492"
      },
      {
        "date": "2006-04-11T19:02:00",
        "db": "BID",
        "id": "16907"
      },
      {
        "date": "2013-12-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      },
      {
        "date": "2006-03-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      },
      {
        "date": "2024-11-21T00:06:20.483000",
        "db": "NVD",
        "id": "CVE-2006-0384"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X and  Apple Mac OS X Server Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003724"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-008"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2006-0384

Vulnerability from fkie_nvd

Published

2006-03-02 19:06

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=303382
cve@mitre.org	http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
cve@mitre.org	http://secunia.com/advisories/19064	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015709
cve@mitre.org	http://www.osvdb.org/23640
cve@mitre.org	http://www.securityfocus.com/bid/16907	Patch
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA06-062A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0791
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/25021
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=303382
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19064	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015709
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23640
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16907	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-062A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0791
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25021

Impacted products

Vendor	Product	Version
apple	mac_os_x	10.3
apple	mac_os_x	10.3.1
apple	mac_os_x	10.3.2
apple	mac_os_x	10.3.3
apple	mac_os_x	10.3.4
apple	mac_os_x	10.3.5
apple	mac_os_x	10.3.6
apple	mac_os_x	10.3.7
apple	mac_os_x	10.3.8
apple	mac_os_x	10.3.9
apple	mac_os_x	10.4
apple	mac_os_x	10.4.1
apple	mac_os_x	10.4.2
apple	mac_os_x	10.4.3
apple	mac_os_x	10.4.4
apple	mac_os_x	10.4.5
apple	mac_os_x_server	10.3
apple	mac_os_x_server	10.3.1
apple	mac_os_x_server	10.3.2
apple	mac_os_x_server	10.3.3
apple	mac_os_x_server	10.3.4
apple	mac_os_x_server	10.3.5
apple	mac_os_x_server	10.3.6
apple	mac_os_x_server	10.3.7
apple	mac_os_x_server	10.3.8
apple	mac_os_x_server	10.3.9
apple	mac_os_x_server	10.4
apple	mac_os_x_server	10.4.1
apple	mac_os_x_server	10.4.2
apple	mac_os_x_server	10.4.3
apple	mac_os_x_server	10.4.4
apple	mac_os_x_server	10.4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to \"mount file systems with reserved names\"."
    }
  ],
  "id": "CVE-2006-0384",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-02T19:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=303382"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19064"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015709"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/23640"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16907"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0791"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=303382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/23640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25021"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-0384 (GCVE-0-2006-0384)

Vulnerability from cvelistv5

CERTA-2006-AVI-096

Vulnerability from certfr_avis

Description

Solution

gsd-2006-0384

Vulnerability from gsd

ghsa-9c95-h326-chqh

Vulnerability from github

var-200603-0273

Vulnerability from variot

fkie_cve-2006-0384

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature