Sign-up

ID

VAR-200506-0227


CVE

CVE-2005-1725


TITLE

Apple Mac OS X 'launchd 106' Security hole

Trust: 0.6

sources: CNNVD: CNNVD-200506-047

DESCRIPTION

launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. Apple has released Security Update 2005-006 to address multiple local and remote Mac OS X vulnerabilities. The following new vulnerabilities were addressed by the security update: - A buffer overflow (CAN-2005-1721) in the AFP (Apple File Protocol) Server. - A vulnerability (CAN-2005-1720) in AFP Server related to temporary ACLs. - A denial of service vulnerability (CAN-2005-1722) in the CoreGraphics component. - A local privilege escalation (CAN-2005-1726) in the CoreGraphics component. - A local race condition vulnerability (CAN-2005-1727) related to permissions on the system cache and Dashboard folders. - A local privilege escalation vulnerability (CAN-2005-1725) in the launch daemon (launchd). - A vulnerability in Launch Services (CAN-2005-1723) could allow files to bypass "safe download" checks. - A vulnerability (CAN-2005-1728) in the MCX Client that may allow local attackers to gain access to Portable Home Directory credentials. - A vulnerability in NFS (CAN-2005-1724) could allow unauthorized access to exported filesystems. These vulnerabilities will be separated into individual BIDs upon further analysis of the issues

Trust: 1.26

sources: NVD: CVE-2005-1725 // BID: 13899 // VULHUB: VHN-12934

AFFECTED PRODUCTS

vendor:applemodel:mac os x serverscope:eqversion:10.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.1

Trust: 1.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

sources: BID: 13899 // CNNVD: CNNVD-200506-047 // NVD: CVE-2005-1725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-1725
value: LOW

Trust: 1.0

CNNVD: CNNVD-200506-047
value: LOW

Trust: 0.6

VULHUB: VHN-12934
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2005-1725
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-12934
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-12934 // CNNVD: CNNVD-200506-047 // NVD: CVE-2005-1725

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1725

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200506-047

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200506-047

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-12934

EXTERNAL IDS
db:NVDid:CVE-2005-1725
Trust: 2.0
db:CNNVDid:CNNVD-200506-047
Trust: 0.7
db:APPLEid:APPLE-SA-2005-06-08
Trust: 0.6
db:BUGTRAQid:20050608 [ SURESEC ADVISORIES ] - MAC OS X 10.4 - LAUNCHD LOCAL ROOT VULNERABILITY
Trust: 0.6
db:BIDid:13899
Trust: 0.3
db:EXPLOIT-DBid:1043
Trust: 0.1
db:VULHUBid:VHN-12934
Trust: 0.1
sources:
            
            
            VULHUB: VHN-12934 // 
            
            
            
            BID: 13899 // 
            
            
            
            CNNVD: CNNVD-200506-047 // 
            
            
            
            NVD: CVE-2005-1725

REFERENCES
url:http://www.suresec.org/advisories/adv3.pdf
Trust: 2.0
url:http://lists.apple.com/archives/security-announce/2005/jun/msg00000.html
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=111833509424379&w=2
Trust: 1.0
url:http://marc.theaimsgroup.com/?l=bugtraq&m=111833509424379&w=2
Trust: 0.6
url:http://www.apple.com/macosx/
Trust: 0.3
url:http://www.info.apple.com/usen/security/security_updates.html
Trust: 0.3
url:http://www.apple.com
Trust: 0.3
url:/archive/1/401822
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=111833509424379&w=2
Trust: 0.1
sources:
            
            
            VULHUB: VHN-12934 // 
            
            
            
            BID: 13899 // 
            
            
            
            CNNVD: CNNVD-200506-047 // 
            
            
            
            NVD: CVE-2005-1725

CREDITS
Discovery of the CoreGraphics issue is credited to Chris Evans.  Discovery of the folder permissions issue is credited to Michael Haller.  Discovery of the launchd issue is credited to Neil Archibald and Ilja Van Sprundel.  Other issues were announced by
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200506-047

SOURCES
db:VULHUBid:VHN-12934
db:BIDid:13899
db:CNNVDid:CNNVD-200506-047
db:NVDid:CVE-2005-1725

LAST UPDATE DATE
2024-08-14T12:32:47.474000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-12934date:2016-10-18T00:00:00
db:BIDid:13899date:2009-07-12T14:56:00
db:CNNVDid:CNNVD-200506-047date:2005-10-20T00:00:00
db:NVDid:CVE-2005-1725date:2016-10-18T03:22:05.297

SOURCES RELEASE DATE
db:VULHUBid:VHN-12934date:2005-06-08T00:00:00
db:BIDid:13899date:2005-06-08T00:00:00
db:CNNVDid:CNNVD-200506-047date:2005-06-08T00:00:00
db:NVDid:CVE-2005-1725date:2005-06-08T04:00:00