Sign-up

ID

VAR-200307-0025


CVE

CVE-2003-0379


TITLE

Apple AFP Server Arbitrary file destruction vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200307-029

DESCRIPTION

Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files. A vulnerability has been discovered in Apple AFP Server. The problem presents itself when the application is serving files on a specific filesystem type. A remote attacker is said to be able to exploit this vulnerability to corrupt arbitrary files on the local system. Mac OS X is an operating system used on Mac machines, based on the BSD system. The included Apple File Protocol (Apple Filing Protocol) is used for communication between the server and guest room machines in the AppleShare network. No detailed vulnerability details are currently available

Trust: 1.26

sources: NVD: CVE-2003-0379 // BID: 7863 // VULHUB: VHN-7208

AFFECTED PRODUCTS

vendor:applemodel:afp serverscope:eqversion:*

Trust: 1.0

vendor:applemodel:afp serverscope: - version: -

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.0

Trust: 0.3

sources: BID: 7863 // CNNVD: CNNVD-200307-029 // NVD: CVE-2003-0379

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-0379
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200307-029
value: MEDIUM

Trust: 0.6

VULHUB: VHN-7208
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2003-0379
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-7208
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-7208 // CNNVD: CNNVD-200307-029 // NVD: CVE-2003-0379

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0379

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200307-029

TYPE

Unknown

Trust: 0.9

sources: BID: 7863 // CNNVD: CNNVD-200307-029

EXTERNAL IDS

db:NVDid:CVE-2003-0379

Trust: 2.0

db:CNNVDid:CNNVD-200307-029

Trust: 0.7

db:BIDid:7863

Trust: 0.4

db:VULHUBid:VHN-7208

Trust: 0.1

sources: VULHUB: VHN-7208 // BID: 7863 // CNNVD: CNNVD-200307-029 // NVD: CVE-2003-0379

REFERENCES

url:http://lists.apple.com/mhonarc/security-announce/msg00030.html

Trust: 2.3

url:http://docs.info.apple.com/article.html?artnum=120223

Trust: 0.3

sources: VULHUB: VHN-7208 // BID: 7863 // CNNVD: CNNVD-200307-029 // NVD: CVE-2003-0379

CREDITS

Apple Security Update

Trust: 0.6

sources: CNNVD: CNNVD-200307-029

SOURCES

db:VULHUBid:VHN-7208
db:BIDid:7863
db:CNNVDid:CNNVD-200307-029
db:NVDid:CVE-2003-0379

LAST UPDATE DATE

2024-08-14T13:51:22.886000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-7208date:2011-03-08T00:00:00
db:BIDid:7863date:2009-07-11T22:06:00
db:CNNVDid:CNNVD-200307-029date:2005-10-20T00:00:00
db:NVDid:CVE-2003-0379date:2011-03-08T02:12:32.517

SOURCES RELEASE DATE

db:VULHUBid:VHN-7208date:2003-07-24T00:00:00
db:BIDid:7863date:2003-06-09T00:00:00
db:CNNVDid:CNNVD-200307-029date:2003-06-09T00:00:00
db:NVDid:CVE-2003-0379date:2003-07-24T04:00:00