Sign-up

ID

VAR-200705-0152


CVE

CVE-2007-0753


TITLE

Apple Mac OS X of VPN daemon (vpnd) Format string vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-001530

DESCRIPTION

Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. Attackers may exploit this issue to crash the application or execute arbitrary code with superuser privileges. Successful exploits can result in a complete compromise of vulnerable computers. Apple Mac OS X Server 10.4.9 and prior versions are vulnerable to this issue. This issue was originally included in BID 24144 (Apple Mac OS X 2007-005 Multiple Security Vulnerabilities), but has been given its own record. A local attacker can trigger this vulnerability by running the vpnd command with specially crafted parameters, resulting in arbitrary command execution with system privileges

Trust: 1.98

sources: NVD: CVE-2007-0753 // JVNDB: JVNDB-2007-001530 // BID: 24208 // VULHUB: VHN-24115

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.4.9

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.3

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.3

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.8

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.3.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.7

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.3.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.7

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.7

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.8

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.9

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.9

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.8

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.9 and 10.4.9

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.0

Trust: 0.3

sources: BID: 24208 // JVNDB: JVNDB-2007-001530 // CNNVD: CNNVD-200705-476 // NVD: CVE-2007-0753

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0753
value: HIGH

Trust: 1.0

NVD: CVE-2007-0753
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200705-476
value: HIGH

Trust: 0.6

VULHUB: VHN-24115
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-0753
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-24115
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-24115 // JVNDB: JVNDB-2007-001530 // CNNVD: CNNVD-200705-476 // NVD: CVE-2007-0753

PROBLEMTYPE DATA

problemtype:CWE-134

Trust: 1.8

sources: JVNDB: JVNDB-2007-001530 // NVD: CVE-2007-0753

THREAT TYPE

local

Trust: 0.9

sources: BID: 24208 // CNNVD: CNNVD-200705-476

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-200705-476

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-001530

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-24115

PATCH
title:APPLE-SA-2007-05-24url:http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-001530

EXTERNAL IDS
db:NVDid:CVE-2007-0753
Trust: 2.8
db:BIDid:24208
Trust: 2.0
db:VUPENid:ADV-2007-1939
Trust: 1.7
db:SECTRACKid:1018125
Trust: 1.7
db:OSVDBid:35143
Trust: 1.7
db:BIDid:24144
Trust: 1.7
db:SECUNIAid:25402
Trust: 1.7
db:JVNDBid:JVNDB-2007-001530
Trust: 0.8
db:CNNVDid:CNNVD-200705-476
Trust: 0.7
db:BUGTRAQid:20070529 MAC OS X VPND LOCAL FORMAT STRING
Trust: 0.6
db:BUGTRAQid:20070529 RE: MAC OS X VPND LOCAL FORMAT STRING
Trust: 0.6
db:APPLEid:APPLE-SA-2007-05-24
Trust: 0.6
db:XFid:34505
Trust: 0.6
db:SEEBUGid:SSVID-83555
Trust: 0.1
db:PACKETSTORMid:56981
Trust: 0.1
db:EXPLOIT-DBid:30096
Trust: 0.1
db:EXPLOIT-DBid:4013
Trust: 0.1
db:VULHUBid:VHN-24115
Trust: 0.1
sources:
            
            
            VULHUB: VHN-24115 // 
            
            
            
            BID: 24208 // 
            
            
            
            JVNDB: JVNDB-2007-001530 // 
            
            
            
            CNNVD: CNNVD-200705-476 // 
            
            
            
            NVD: CVE-2007-0753

REFERENCES
url:http://docs.info.apple.com/article.html?artnum=305530
Trust: 2.0
url:http://lists.apple.com/archives/security-announce/2007/may/msg00004.html
Trust: 1.7
url:http://www.securityfocus.com/bid/24144
Trust: 1.7
url:http://www.securityfocus.com/bid/24208
Trust: 1.7
url:http://www.osvdb.org/35143
Trust: 1.7
url:http://www.securitytracker.com/id?1018125
Trust: 1.7
url:http://secunia.com/advisories/25402
Trust: 1.7
url:http://www.securityfocus.com/archive/1/469882/100/0/threaded
Trust: 1.1
url:http://www.securityfocus.com/archive/1/469889/100/0/threaded
Trust: 1.1
url:http://www.vupen.com/english/advisories/2007/1939
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/34505
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0753
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0753
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/34505
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/469889/100/0/threaded
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/469882/100/0/threaded
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2007/1939
Trust: 0.6
url:http://software.cisco.com/download/navigator.html?mdfid=283613663
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:msg://bugtraq/00e3d827-c0a0-414a-82bb-cc4599b166b8@digitalmunition.com
Trust: 0.3
url:/archive/1/469882
Trust: 0.3
sources:
            
            
            VULHUB: VHN-24115 // 
            
            
            
            BID: 24208 // 
            
            
            
            JVNDB: JVNDB-2007-001530 // 
            
            
            
            CNNVD: CNNVD-200705-476 // 
            
            
            
            NVD: CVE-2007-0753

CREDITS
Chris Anley※ chrisanley@hushmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200705-476

SOURCES
db:VULHUBid:VHN-24115
db:BIDid:24208
db:JVNDBid:JVNDB-2007-001530
db:CNNVDid:CNNVD-200705-476
db:NVDid:CVE-2007-0753

LAST UPDATE DATE
2025-04-10T19:30:43.769000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-24115date:2018-10-16T00:00:00
db:BIDid:24208date:2007-05-30T00:04:00
db:JVNDBid:JVNDB-2007-001530date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200705-476date:2007-05-29T00:00:00
db:NVDid:CVE-2007-0753date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-24115date:2007-05-24T00:00:00
db:BIDid:24208date:2007-05-29T00:00:00
db:JVNDBid:JVNDB-2007-001530date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200705-476date:2007-05-24T00:00:00
db:NVDid:CVE-2007-0753date:2007-05-24T22:30:00