Sign-up

ID

VAR-200505-0905


CVE

CVE-2005-0125


TITLE

Apple Mac OS X vulnerable to information disclosure in "Message-ID" header

Trust: 0.8

sources: CERT/CC: VU#464662

DESCRIPTION

The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Apple's Mac OS X operating system contains a flaw in the handling of ICC color profiles, which may allow arbitrary code execution through a heap-based buffer overflow. These issues are due to a failure of the application to properly implement access controls on job schedule files. An attacker may leverage these issues to read and delete arbitrary files and execute applications on an affected computer with superuser privileges. Information revealed in this way may lead to further attacks. Mac OS X is a BSD-based operating system

Trust: 3.42

sources: NVD: CVE-2005-0125 // CERT/CC: VU#464662 // CERT/CC: VU#678150 // CERT/CC: VU#980078 // BID: 12297 // VULHUB: VHN-11334

AFFECTED PRODUCTS

vendor:apple computermodel: - scope: - version: -

Trust: 2.4

vendor:applemodel:mac os xscope:eqversion:10.3.7

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.3.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.3.7

Trust: 1.6

vendor:applemodel:mac os serverscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.3.8

Trust: 0.3

sources: CERT/CC: VU#464662 // CERT/CC: VU#678150 // CERT/CC: VU#980078 // BID: 12297 // CNNVD: CNNVD-200505-512 // NVD: CVE-2005-0125

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-0125
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#464662
value: 2.81

Trust: 0.8

CARNEGIE MELLON: VU#678150
value: 8.10

Trust: 0.8

CARNEGIE MELLON: VU#980078
value: 4.13

Trust: 0.8

CNNVD: CNNVD-200505-512
value: HIGH

Trust: 0.6

VULHUB: VHN-11334
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-0125
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-11334
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#464662 // CERT/CC: VU#678150 // CERT/CC: VU#980078 // VULHUB: VHN-11334 // CNNVD: CNNVD-200505-512 // NVD: CVE-2005-0125

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0125

THREAT TYPE

local

Trust: 0.9

sources: BID: 12297 // CNNVD: CNNVD-200505-512

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200505-512

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-11334

EXTERNAL IDS
db:CERT/CCid:VU#678150
Trust: 2.5
db:SECUNIAid:14005
Trust: 2.4
db:NVDid:CVE-2005-0125
Trust: 2.0
db:CERT/CCid:VU#464662
Trust: 0.8
db:CERT/CCid:VU#980078
Trust: 0.8
db:CNNVDid:CNNVD-200505-512
Trust: 0.7
db:APPLEid:APPLE-SA-2005-01-25
Trust: 0.6
db:XFid:18981
Trust: 0.6
db:BUGTRAQid:20050127 DMA[2005-0127A] - 'APPLE OSX BATCH FAMILY POOR USE OF SETUID'
Trust: 0.6
db:BIDid:12297
Trust: 0.4
db:PACKETSTORMid:35929
Trust: 0.1
db:VULHUBid:VHN-11334
Trust: 0.1
sources:
            
            
            CERT/CC: VU#464662 // 
            
            
            
            CERT/CC: VU#678150 // 
            
            
            
            CERT/CC: VU#980078 // 
            
            
            
            VULHUB: VHN-11334 // 
            
            
            
            BID: 12297 // 
            
            
            
            CNNVD: CNNVD-200505-512 // 
            
            
            
            NVD: CVE-2005-0125

REFERENCES
url:http://lists.apple.com/archives/security-announce/2005/jan/msg00001.html
Trust: 2.5
url:http://docs.info.apple.com/article.html?artnum=300770
Trust: 2.4
url:http://secunia.com/advisories/14005/
Trust: 2.4
url:http://www.kb.cert.org/vuls/id/678150
Trust: 1.7
url:http://www.digitalmunition.com/dma%5b2005-0127a%5d.txt
Trust: 1.7
url:http://www.immunitysec.com/downloads/nukido.pdf
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/18981
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=110685027017411&w=2
Trust: 1.0
url:http://www.immunitysec.com/resources-advisories.shtml
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/18981
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=110685027017411&w=2
Trust: 0.6
url:http://www.apple.com/macosx/
Trust: 0.3
url:/archive/1/388516
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=110685027017411&w=2
Trust: 0.1
url: - 
Trust: 0.1
sources:
            
            
            CERT/CC: VU#464662 // 
            
            
            
            CERT/CC: VU#678150 // 
            
            
            
            CERT/CC: VU#980078 // 
            
            
            
            VULHUB: VHN-11334 // 
            
            
            
            BID: 12297 // 
            
            
            
            CNNVD: CNNVD-200505-512 // 
            
            
            
            NVD: CVE-2005-0125

CREDITS
Kevin Finisterre  dotslash@snosoft.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200505-512

SOURCES
db:CERT/CCid:VU#464662
db:CERT/CCid:VU#678150
db:CERT/CCid:VU#980078
db:VULHUBid:VHN-11334
db:BIDid:12297
db:CNNVDid:CNNVD-200505-512
db:NVDid:CVE-2005-0125

LAST UPDATE DATE
2024-08-14T12:32:16.042000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#464662date:2005-01-31T00:00:00
db:CERT/CCid:VU#678150date:2005-01-28T00:00:00
db:CERT/CCid:VU#980078date:2005-01-27T00:00:00
db:VULHUBid:VHN-11334date:2018-08-13T00:00:00
db:BIDid:12297date:2009-07-12T10:06:00
db:CNNVDid:CNNVD-200505-512date:2005-10-20T00:00:00
db:NVDid:CVE-2005-0125date:2023-11-07T01:57:10.180

SOURCES RELEASE DATE
db:CERT/CCid:VU#464662date:2005-01-31T00:00:00
db:CERT/CCid:VU#678150date:2005-01-27T00:00:00
db:CERT/CCid:VU#980078date:2005-01-27T00:00:00
db:VULHUBid:VHN-11334date:2005-05-02T00:00:00
db:BIDid:12297date:2005-01-18T00:00:00
db:CNNVDid:CNNVD-200505-512date:2005-01-26T00:00:00
db:NVDid:CVE-2005-0125date:2005-05-02T04:00:00