Sign-up

ID

VAR-200505-0352


CVE

CVE-2005-1333


TITLE

Apple Mac OS X BlueTooth Directory Traversal Vulnerability

Trust: 0.9

sources: BID: 13491 // CNNVD: CNNVD-200505-904

DESCRIPTION

Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. Apple Mac OS X is prone to a directory-traversal vulnerability. This issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID. Apple has supported Bluetooth devices since Mac OSX 10.2

Trust: 1.35

sources: NVD: CVE-2005-1333 // BID: 13491 // VULHUB: VHN-12542 // VULMON: CVE-2005-1333

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.3.9

Trust: 0.3

sources: BID: 13491 // CNNVD: CNNVD-200505-904 // NVD: CVE-2005-1333

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-1333
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200505-904
value: MEDIUM

Trust: 0.6

VULHUB: VHN-12542
value: MEDIUM

Trust: 0.1

VULMON: CVE-2005-1333
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-1333
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-12542
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-12542 // VULMON: CVE-2005-1333 // CNNVD: CNNVD-200505-904 // NVD: CVE-2005-1333

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1333

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-904

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-200505-904

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-12542 // 
            
            
            
            VULMON: CVE-2005-1333

PATCH
title:Securelisturl:https://securelist.com/kaspersky-security-bulletin-2006-malware-for-unix-type-systems/36131/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2005-1333

EXTERNAL IDS
db:BIDid:13491
Trust: 2.1
db:NVDid:CVE-2005-1333
Trust: 2.1
db:CNNVDid:CNNVD-200505-904
Trust: 0.7
db:APPLEid:APPLE-SA-2005-05-03
Trust: 0.6
db:APPLEid:APPLE-SA-2005-06-08
Trust: 0.6
db:EXPLOIT-DBid:25598
Trust: 0.2
db:SEEBUGid:SSVID-79256
Trust: 0.1
db:VULHUBid:VHN-12542
Trust: 0.1
db:VULMONid:CVE-2005-1333
Trust: 0.1
sources:
            
            
            VULHUB: VHN-12542 // 
            
            
            
            VULMON: CVE-2005-1333 // 
            
            
            
            BID: 13491 // 
            
            
            
            CNNVD: CNNVD-200505-904 // 
            
            
            
            NVD: CVE-2005-1333

REFERENCES
url:http://www.digitalmunition.com/dma%5b2005-0502a%5d.txt
Trust: 2.1
url:http://www.securityfocus.com/bid/13491
Trust: 1.9
url:http://lists.apple.com/archives/security-announce/2005/may/msg00001.html
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2005/jun/msg00000.html
Trust: 1.8
url:http://www.apple.com
Trust: 0.3
url:/archive/1/402262
Trust: 0.3
url:/archive/1/449505
Trust: 0.3
url:/archive/1/449513
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=9166
Trust: 0.1
url:https://www.exploit-db.com/exploits/25598/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-12542 // 
            
            
            
            VULMON: CVE-2005-1333 // 
            
            
            
            BID: 13491 // 
            
            
            
            CNNVD: CNNVD-200505-904 // 
            
            
            
            NVD: CVE-2005-1333

CREDITS
Kevin Finisterreā€» dotslash@snosoft.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200505-904

SOURCES
db:VULHUBid:VHN-12542
db:VULMONid:CVE-2005-1333
db:BIDid:13491
db:CNNVDid:CNNVD-200505-904
db:NVDid:CVE-2005-1333

LAST UPDATE DATE
2024-08-14T12:51:03.436000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-12542date:2008-09-05T00:00:00
db:VULMONid:CVE-2005-1333date:2008-09-05T00:00:00
db:BIDid:13491date:2006-11-06T20:37:00
db:CNNVDid:CNNVD-200505-904date:2006-10-30T00:00:00
db:NVDid:CVE-2005-1333date:2008-09-05T20:48:52.187

SOURCES RELEASE DATE
db:VULHUBid:VHN-12542date:2005-05-04T00:00:00
db:VULMONid:CVE-2005-1333date:2005-05-04T00:00:00
db:BIDid:13491date:2005-05-04T00:00:00
db:CNNVDid:CNNVD-200505-904date:2005-05-04T00:00:00
db:NVDid:CVE-2005-1333date:2005-05-04T04:00:00