Sign-up

ID

VAR-200403-0085


CVE

CVE-2003-1011


TITLE

MacOS X local root User privilege escalation vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200403-123

DESCRIPTION

Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. It has been reported that an attacker with a specific hardware configuration may be capable of gaining root privileges on MacOS X. The problem is said to occur when a user on a system with a USB keyboard, holds a specific key sequence down for an unspecified length. This is said to effectively crash the init process, and drop the user into a shell with root privileges. Mac OS X is an operating system used on Mac machines, based on the BSD system

Trust: 1.26

sources: NVD: CVE-2003-1011 // BID: 8945 // VULHUB: VHN-7836

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.2.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.1.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.8

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.7

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.6

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.0.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.3

Trust: 1.0

vendor:applemodel:mac osscope:neversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1

Trust: 0.3

sources: BID: 8945 // CNNVD: CNNVD-200403-123 // NVD: CVE-2003-1011

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-1011
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200403-123
value: HIGH

Trust: 0.6

VULHUB: VHN-7836
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2003-1011
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-7836
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-7836 // CNNVD: CNNVD-200403-123 // NVD: CVE-2003-1011

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-1011

THREAT TYPE

local

Trust: 0.9

sources: BID: 8945 // CNNVD: CNNVD-200403-123

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200403-123

EXTERNAL IDS

db:BIDid:8945

Trust: 2.0

db:NVDid:CVE-2003-1011

Trust: 2.0

db:CNNVDid:CNNVD-200403-123

Trust: 0.7

db:XFid:13573

Trust: 0.6

db:BUGTRAQid:20031031 CONSOLE ROOT ON OSX UP TO 10.2.8

Trust: 0.6

db:VULHUBid:VHN-7836

Trust: 0.1

sources: VULHUB: VHN-7836 // BID: 8945 // CNNVD: CNNVD-200403-123 // NVD: CVE-2003-1011

REFERENCES

url:http://www.securityfocus.com/bid/8945

Trust: 1.7

url:http://www.securityfocus.com/archive/1/343087

Trust: 1.7

url:http://docs.info.apple.com/article.html?artnum=61798

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/13573

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/13573

Trust: 0.6

url:http://docs.info.apple.com/article.html?artnum=120291

Trust: 0.3

url:http://docs.info.apple.com/article.html?artnum=120292

Trust: 0.3

url:/archive/1/343087

Trust: 0.3

sources: VULHUB: VHN-7836 // BID: 8945 // CNNVD: CNNVD-200403-123 // NVD: CVE-2003-1011

CREDITS

Jason Storm※ jms@lasergun.org

Trust: 0.6

sources: CNNVD: CNNVD-200403-123

SOURCES

db:VULHUBid:VHN-7836
db:BIDid:8945
db:CNNVDid:CNNVD-200403-123
db:NVDid:CVE-2003-1011

LAST UPDATE DATE

2024-08-14T15:20:17.624000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-7836date:2017-07-11T00:00:00
db:BIDid:8945date:2009-07-12T00:56:00
db:CNNVDid:CNNVD-200403-123date:2005-10-20T00:00:00
db:NVDid:CVE-2003-1011date:2017-07-11T01:29:39.883

SOURCES RELEASE DATE

db:VULHUBid:VHN-7836date:2004-03-29T00:00:00
db:BIDid:8945date:2003-10-31T00:00:00
db:CNNVDid:CNNVD-200403-123date:2003-10-31T00:00:00
db:NVDid:CVE-2003-1011date:2004-03-29T05:00:00