Details of VAR-E-200704-0607

ID

VAR-E-200704-0607

CVE

cve_id:	CVE-2007-0734	Trust: 0.6
cve_id:	CVE-2007-0732	Trust: 0.3
cve_id:	CVE-2007-0744	Trust: 0.3
cve_id:	CVE-2007-0737	Trust: 0.3
cve_id:	CVE-2007-0729	Trust: 0.3
cve_id:	CVE-2007-0735	Trust: 0.3
cve_id:	CVE-2007-0746	Trust: 0.3
cve_id:	CVE-2007-0743	Trust: 0.3
cve_id:	CVE-2007-0736	Trust: 0.3
cve_id:	CVE-2007-0747	Trust: 0.3
cve_id:	CVE-2007-0741	Trust: 0.3
cve_id:	CVE-2007-0739	Trust: 0.3
cve_id:	CVE-2007-0725	Trust: 0.3
cve_id:	CVE-2007-0738	Trust: 0.3
cve_id:	CVE-2007-0742	Trust: 0.3

sources: BID: 23569 // BID: 23396

TITLE

Apple Mac OS X 2007-004 Multiple Security Vulnerabilities

Trust: 0.3

sources: BID: 23569

DESCRIPTION

Apple Mac OS X is prone to multiple security vulnerabilities.
These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation.
Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present.
Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues.

Trust: 0.3

sources: BID: 23569

AFFECTED PRODUCTS

vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.6
vendor:	cosmicperl	model:	directory pro	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os preview.app	scope:	eq	version:	x3.0.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.03	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	airport extreme	scope:	eq	version:	5.7	Trust: 0.3
vendor:	apple	model:	airport extreme	scope:	eq	version:	5.5	Trust: 0.3
vendor:	apple	model:	airport extreme	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	airport extreme base station	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	airport express	scope:	eq	version:	6.3	Trust: 0.3
vendor:	apple	model:	airport express	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	airport extreme	scope:	ne	version:	7.1	Trust: 0.3

sources: BID: 23569 // BID: 23396

EXPLOIT

Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
Some of these issues may not require specific exploit code.

Trust: 0.3

sources: BID: 23569

PRICE

Free

Trust: 0.3

sources: BID: 23569

TYPE

Unknown

Trust: 0.3

sources: BID: 23569

CREDITS

The vendor disclosed some of these issues. The following people are credited with the discovery of certain issues: Landon Fuller of Three Rings Design (CVE-2007-0735), Mu Security Research Team ( CVE-2007-0736), Hauptman Woodward Medical Research Institute

Trust: 0.3

sources: BID: 23569

EXTERNAL IDS

db:	NVD	id:	CVE-2007-0734	Trust: 0.6
db:	NVD	id:	CVE-2007-0732	Trust: 0.3
db:	NVD	id:	CVE-2007-0744	Trust: 0.3
db:	NVD	id:	CVE-2007-0737	Trust: 0.3
db:	NVD	id:	CVE-2007-0729	Trust: 0.3
db:	NVD	id:	CVE-2007-0735	Trust: 0.3
db:	NVD	id:	CVE-2007-0746	Trust: 0.3
db:	NVD	id:	CVE-2007-0743	Trust: 0.3
db:	NVD	id:	CVE-2007-0736	Trust: 0.3
db:	NVD	id:	CVE-2007-0747	Trust: 0.3
db:	NVD	id:	CVE-2007-0741	Trust: 0.3
db:	NVD	id:	CVE-2007-0739	Trust: 0.3
db:	NVD	id:	CVE-2007-0725	Trust: 0.3
db:	NVD	id:	CVE-2007-0738	Trust: 0.3
db:	NVD	id:	CVE-2007-0742	Trust: 0.3
db:	BID	id:	23569	Trust: 0.3
db:	BID	id:	23396	Trust: 0.3

sources: BID: 23569 // BID: 23396

REFERENCES

url:	http://landonf.bikemonkey.org/2007/04/19#moab_fixes_net_a_bug.20070419203514.5302.timor	Trust: 0.3
url:	http://docs.info.apple.com/article.html?artnum=305391	Trust: 0.3
url:	http://www.info.apple.com/usen/security/security_updates.html	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://labs.musecurity.com/advisories/mu-200704-01.txt	Trust: 0.3
url:	http://www.apple.com/support/downloads/airportextremebasestationwith80211nfirmware71.html	Trust: 0.3
url:	http://software.cisco.com/download/navigator.html?mdfid=283613663	Trust: 0.3
url:	http://docs.info.apple.com/article.html?artnum=305366	Trust: 0.3

sources: BID: 23569 // BID: 23396

SOURCES

db:	BID	id:	23569
db:	BID	id:	23396

LAST UPDATE DATE

2022-07-27T09:36:41.445000+00:00

SOURCES UPDATE DATE

db:	BID	id:	23569	date:	2007-05-02T20:29:00
db:	BID	id:	23396	date:	2007-04-10T18:32:00

SOURCES RELEASE DATE

db:	BID	id:	23569	date:	2007-04-19T00:00:00
db:	BID	id:	23396	date:	2007-04-10T00:00:00