Details of VAR-200403-0070

ID

VAR-200403-0070

CVE

CVE-2004-0168

TITLE

Apple Mac OS X contains a vulnerability in DiskArbitration when initializing writable removable media

Trust: 0.8

sources: CERT/CC: VU#578886

DESCRIPTION

Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging.". Apple Mac OS X Safari fails to properly display URLs in the status bar. The individual security issues include: Improved notification logging (CAN-2004-0168). Undisclosed DiskArbitration security improvements for handling writeable removable media (CAN-2004-0167). Undisclosed IPSec key exchange issue (CAN-2004-0164). pppd daemon format string vulnerability described in BID 9730(Apple Mac OS X PPPD Format String Memory Disclosure Vulnerability) (CAN-2004-0165). Unspecified security vulnerability (CAN-2004-0089) in QuickTime Streaming Server that is related to handling of request data. URI display issue (CAN-2004-0166) in the Safari web browser. Finally 3 vulnerabilities in tcpdump. These issues are described in BID 9507(TCPDump ISAKMP Decoding Routines Denial Of Service Vulnerability), BID 7090(TCPDump Malformed RADIUS Packet Denial Of Service Vulnerability) and BID 9423(TCPDump ISAKMP Decoding Routines Multiple Remote Buffer Overflow Vulnerabilities). These issues are currently undergoing further analysis. Where it is appropriate, each individual issue will be assigned a unique BID and any existing BIDs will be updated accordingly to reflect the release of this Security Update. A local attacker could exploit this vulnerability to read part of the pppd process memory information. However, this format string problem does not allow the use of \\%n to attack, but due to the lack of filtering when receiving command line parameters, the format string problem can be triggered when submitted to the vslprintf() function, and the part of the pppd process memory can be obtained by using this problem Information, such as PAP or CHAP authentication information

Trust: 3.42

sources: NVD: CVE-2004-0168 // CERT/CC: VU#578886 // CERT/CC: VU#194238 // JVNDB: JVNDB-2004-000768 // BID: 9731 // VULHUB: VHN-8598

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.2	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	アップル	model:	apple mac os x server	scope:	eq	version:	10.3.2	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	server 10.3.2	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.2.8	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	server 10.2.8	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.3.2	Trust: 0.8
vendor:	アップル	model:	apple mac os x server	scope:	eq	version:	10.2.8	Trust: 0.8
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.03	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3

sources: CERT/CC: VU#578886 // CERT/CC: VU#194238 // BID: 9731 // JVNDB: JVNDB-2004-000768 // CNNVD: CNNVD-200403-054 // NVD: CVE-2004-0168

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0168
value:	HIGH
Trust: 1.0
NVD:	CVE-2004-0168
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200403-054
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-8598
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-0168
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-8598
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-8598 // JVNDB: JVNDB-2004-000768 // CNNVD: CNNVD-200403-054 // NVD: CVE-2004-0168

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2004-000768 // NVD: CVE-2004-0168

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200403-054

TYPE

Unknown

Trust: 0.9

sources: BID: 9731 // CNNVD: CNNVD-200403-054

PATCH

title:

lists.apple.com (msg00000)

url:

https://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html

Trust: 0.8

sources: JVNDB: JVNDB-2004-000768

EXTERNAL IDS

db:	SECUNIA	id:	10959	Trust: 4.1
db:	NVD	id:	CVE-2004-0168	Trust: 3.6
db:	CERT/CC	id:	VU#578886	Trust: 0.8
db:	CERT/CC	id:	VU#194238	Trust: 0.8
db:	JVNDB	id:	JVNDB-2004-000768	Trust: 0.8
db:	CNNVD	id:	CNNVD-200403-054	Trust: 0.7
db:	XF	id:	15299	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2004-02-23	Trust: 0.6
db:	BID	id:	9731	Trust: 0.3
db:	VULHUB	id:	VHN-8598	Trust: 0.1

sources: CERT/CC: VU#578886 // CERT/CC: VU#194238 // VULHUB: VHN-8598 // BID: 9731 // JVNDB: JVNDB-2004-000768 // CNNVD: CNNVD-200403-054 // NVD: CVE-2004-0168

REFERENCES

url:	http://secunia.com/advisories/10959/	Trust: 4.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/15299	Trust: 1.9
url:	http://lists.apple.com/archives/security-announce/2004/feb/msg00000.html	Trust: 1.7
url:	http://www.apple.com/support/security/security_updates.html	Trust: 1.6
url:	http://xforce.iss.net/xforce/xfdb/15299	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2004-0168	Trust: 0.8

sources: CERT/CC: VU#578886 // CERT/CC: VU#194238 // VULHUB: VHN-8598 // JVNDB: JVNDB-2004-000768 // CNNVD: CNNVD-200403-054 // NVD: CVE-2004-0168

CREDITS

Dave G※ daveg@atstake.com

Trust: 0.6

sources: CNNVD: CNNVD-200403-054

SOURCES

db:	CERT/CC	id:	VU#578886
db:	CERT/CC	id:	VU#194238
db:	VULHUB	id:	VHN-8598
db:	BID	id:	9731
db:	JVNDB	id:	JVNDB-2004-000768
db:	CNNVD	id:	CNNVD-200403-054
db:	NVD	id:	CVE-2004-0168

LAST UPDATE DATE

2024-08-14T13:06:27.409000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#578886	date:	2004-03-19T00:00:00
db:	CERT/CC	id:	VU#194238	date:	2004-02-25T00:00:00
db:	VULHUB	id:	VHN-8598	date:	2018-09-26T00:00:00
db:	BID	id:	9731	date:	2009-07-12T03:06:00
db:	JVNDB	id:	JVNDB-2004-000768	date:	2024-05-30T06:34:00
db:	CNNVD	id:	CNNVD-200403-054	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-0168	date:	2018-09-26T15:58:54.513

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#578886	date:	2004-02-25T00:00:00
db:	CERT/CC	id:	VU#194238	date:	2004-02-25T00:00:00
db:	VULHUB	id:	VHN-8598	date:	2004-03-15T00:00:00
db:	BID	id:	9731	date:	2004-02-24T00:00:00
db:	JVNDB	id:	JVNDB-2004-000768	date:	2024-05-30T00:00:00
db:	CNNVD	id:	CNNVD-200403-054	date:	2003-07-18T00:00:00
db:	NVD	id:	CVE-2004-0168	date:	2004-03-15T05:00:00