ID
VAR-200505-1084
CVE
CVE-2005-0971
TITLE
Apple Mac OS X Kernel Semop Local Stack Buffer Overflow Vulnerability
Trust: 0.6
DESCRIPTION
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. A kernel stack overflow that presents itself in the 'semop()' system call exists in the Apple Mac OS X kernel. This is due to a failure of the affected function to properly handle certain user-supplied arguments. Exploitation of this issue will facilitate code execution with kernel level (ring 0) privileges. It should be noted that this issue was previously reported in BID 13203 (Apple Mac OS X Kernel Multiple Local Privilege Escalation And Denial Of Service Vulnerabilities); it has been assigned its own BID
Trust: 1.26
AFFECTED PRODUCTS
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.6 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.7 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.4 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.3 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.1 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.9 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.2 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.5 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.8 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.0 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | ne | version: | x10.3.9 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.1.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | ne | version: | x10.3.9 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.03 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
local
Trust: 0.9
TYPE
buffer overflow
Trust: 0.6
EXTERNAL IDS
| db: | NVD | id: | CVE-2005-0971 | Trust: 2.0 |
| db: | CERT/CC | id: | VU#212190 | Trust: 1.7 |
| db: | CNNVD | id: | CNNVD-200505-1001 | Trust: 0.7 |
| db: | APPLE | id: | APPLE-SA-2005-04-15 | Trust: 0.6 |
| db: | BID | id: | 13225 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-12180 | Trust: 0.1 |
REFERENCES
| url: | http://lists.apple.com/archives/security-announce/2005/apr/msg00000.html | Trust: 1.7 |
| url: | http://www.kb.cert.org/vuls/id/212190 | Trust: 1.7 |
| url: | http://www.apple.com/macosx/ | Trust: 0.3 |
CREDITS
Apple
Trust: 0.6
SOURCES
| db: | VULHUB | id: | VHN-12180 |
| db: | BID | id: | 13225 |
| db: | CNNVD | id: | CNNVD-200505-1001 |
| db: | NVD | id: | CVE-2005-0971 |
LAST UPDATE DATE
2024-08-14T13:40:13.093000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-12180 | date: | 2008-09-05T00:00:00 |
| db: | BID | id: | 13225 | date: | 2009-07-12T14:06:00 |
| db: | CNNVD | id: | CNNVD-200505-1001 | date: | 2005-10-20T00:00:00 |
| db: | NVD | id: | CVE-2005-0971 | date: | 2008-09-05T20:47:50.003 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-12180 | date: | 2005-05-12T00:00:00 |
| db: | BID | id: | 13225 | date: | 2005-04-15T00:00:00 |
| db: | CNNVD | id: | CNNVD-200505-1001 | date: | 2005-05-12T00:00:00 |
| db: | NVD | id: | CVE-2005-0971 | date: | 2005-05-12T04:00:00 |