Details of VAR-200311-0049

ID

VAR-200311-0049

CVE

CVE-2003-0877

TITLE

Apple Mac OS X Core File Symbolic Link Vulnerability

Trust: 0.9

sources: BID: 8914 // CNNVD: CNNVD-200311-012

DESCRIPTION

Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory. Because of this, a local attacker may be able to overwrite arbitrary root owned files. Apple Mac OS X 10.3 (Panther) has been released to address multiple new and previously known vulnerabilities. These issues may cumulatively allow an attacker to cause denial of service, arbitrary code execution, privilege escalation and unauthorized access. The name of the core file is core.PID(*) , the owner of this file is ROOT, and the setting permission is 0400. Since /cores is globally writable by default, and the name of the core file is predictable, an attacker can establish a symbolic link to point to an important system file. When an application generates a CORE file, the system file will be overwritten, which may elevate privileges or cause denial of service. attack

Trust: 1.53

sources: NVD: CVE-2003-0877 // BID: 8914 // BID: 8917 // VULHUB: VHN-7702

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.0.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1.5	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.0.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.0	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1.4	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.0.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.0.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.3	Trust: 1.0
vendor:	apple	model:	mac os	scope:	ne	version:	x10.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3

sources: BID: 8914 // BID: 8917 // CNNVD: CNNVD-200311-012 // NVD: CVE-2003-0877

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2003-0877
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200311-012
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-7702
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2003-0877
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-7702
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-7702 // CNNVD: CNNVD-200311-012 // NVD: CVE-2003-0877

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0877

THREAT TYPE

local

Trust: 0.9

sources: BID: 8914 // CNNVD: CNNVD-200311-012

TYPE

Configuration Error

Trust: 0.9

sources: BID: 8914 // CNNVD: CNNVD-200311-012

EXTERNAL IDS

db:	NVD	id:	CVE-2003-0877	Trust: 2.0
db:	BID	id:	8914	Trust: 2.0
db:	BID	id:	8917	Trust: 2.0
db:	CNNVD	id:	CNNVD-200311-012	Trust: 0.7
db:	ATSTAKE	id:	A102803-1	Trust: 0.6
db:	XF	id:	13542	Trust: 0.6
db:	VULHUB	id:	VHN-7702	Trust: 0.1

sources: VULHUB: VHN-7702 // BID: 8914 // BID: 8917 // CNNVD: CNNVD-200311-012 // NVD: CVE-2003-0877

REFERENCES

url:	http://www.atstake.com/research/advisories/2003/a102803-1.txt	Trust: 1.7
url:	http://www.securityfocus.com/bid/8914	Trust: 1.7
url:	http://www.securityfocus.com/bid/8917	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/13542	Trust: 1.1
url:	/archive/1/342730	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/13542	Trust: 0.6
url:	http://www.apple.com/macosx/	Trust: 0.3

sources: VULHUB: VHN-7702 // BID: 8914 // BID: 8917 // CNNVD: CNNVD-200311-012 // NVD: CVE-2003-0877

CREDITS

Discovery credited to Dave G.

Trust: 0.3

sources: BID: 8914

SOURCES

db:	VULHUB	id:	VHN-7702
db:	BID	id:	8914
db:	BID	id:	8917
db:	CNNVD	id:	CNNVD-200311-012
db:	NVD	id:	CVE-2003-0877

LAST UPDATE DATE

2024-08-14T15:31:13.828000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-7702	date:	2017-07-11T00:00:00
db:	BID	id:	8914	date:	2009-07-11T23:56:00
db:	BID	id:	8917	date:	2003-10-28T00:00:00
db:	CNNVD	id:	CNNVD-200311-012	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2003-0877	date:	2017-07-11T01:29:37.790

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-7702	date:	2003-11-03T00:00:00
db:	BID	id:	8914	date:	2003-10-28T00:00:00
db:	BID	id:	8917	date:	2003-10-28T00:00:00
db:	CNNVD	id:	CNNVD-200311-012	date:	2003-10-28T00:00:00
db:	NVD	id:	CVE-2003-0877	date:	2003-11-03T05:00:00