CyberSec.Space Logo
返回 CVE 浏览器

CVE-2003-1009

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0350%
EPSS Percentile31.49th
Published2004年3月29日
Last Modified2026年4月16日

Vulnerability Description

Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

💻
Apple

Mac Os X

= 10.0.2
💻
Apple

Mac Os X

= 10.0.3
💻
Apple

Mac Os X

= 10.2.8
💻
Apple

Mac Os X

= 10.3.2
💻
Apple

Mac Os X Server

= 10.2
💻
Apple

Mac Os X Server

= 10.2.1
💻
Apple

Mac Os X Server

= 10.2.2
💻
Apple

Mac Os X Server

= 10.2.3
💻
Apple

Mac Os X Server

= 10.2.4
💻
Apple

Mac Os X Server

= 10.2.5
💻
Apple

Mac Os X Server

= 10.2.6
💻
Apple

Mac Os X Server

= 10.2.7
💻
Apple

Mac Os X Server

= 10.2.8
💻
Apple

Mac Os X Server

= 10.3
💻
Apple

Mac Os X Server

= 10.3.1
💻
Apple

Mac Os X Server

= 10.3.2

References & Advisories

🔗 http://docs.info.apple.com/article.html?artnum=32478
🔗 http://docs.info.apple.com/article.html?artnum=61798
🔗 http://www.carrel.org/dhcp-vuln.html
🔗 http://www.securityfocus.com/bid/9110
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/13874
🔗 http://docs.info.apple.com/article.html?artnum=32478
🔗 http://docs.info.apple.com/article.html?artnum=61798
🔗 http://www.carrel.org/dhcp-vuln.html

相关漏洞威胁

CVE-2000-038410.0

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the Ne...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.

CVE-1999-108610.0

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrat...

CVE-2004-016810.0

Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."