Details of VAR-200608-0033

ID

VAR-200608-0033

CVE

CVE-2006-3500

TITLE

Apple Mac OS X AFP server may disclose file and folder information in search results

Trust: 0.8

sources: CERT/CC: VU#708340

DESCRIPTION

The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. These issue affect Mac OS X and various applications including AFP Server, Bluetooth, Bom, DHCP, Image RAW, ImageIO, Launch Services, OpenSSH, and WebKit. A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information

Trust: 7.11

sources: NVD: CVE-2006-3500 // CERT/CC: VU#708340 // CERT/CC: VU#776628 // CERT/CC: VU#514740 // CERT/CC: VU#566132 // CERT/CC: VU#651844 // CERT/CC: VU#605908 // CERT/CC: VU#172244 // JVNDB: JVNDB-2006-001015 // BID: 19289 // VULHUB: VHN-19608 // VULMON: CVE-2006-3500

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 4.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.4.7	Trust: 2.4
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.4.7	Trust: 1.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	1.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	cosmicperl	model:	directory pro	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.03	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3

sources: CERT/CC: VU#708340 // CERT/CC: VU#514740 // CERT/CC: VU#566132 // CERT/CC: VU#651844 // CERT/CC: VU#605908 // CERT/CC: VU#172244 // BID: 19289 // JVNDB: JVNDB-2006-001015 // CNNVD: CNNVD-200608-042 // NVD: CVE-2006-3500

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-3500
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#776628
value:	0.13
Trust: 0.8
CARNEGIE MELLON:	VU#514740
value:	0.48
Trust: 0.8
CARNEGIE MELLON:	VU#566132
value:	1.64
Trust: 0.8
CARNEGIE MELLON:	VU#651844
value:	7.43
Trust: 0.8
CARNEGIE MELLON:	VU#605908
value:	8.78
Trust: 0.8
CARNEGIE MELLON:	VU#172244
value:	7.43
Trust: 0.8
NVD:	CVE-2006-3500
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200608-042
value:	HIGH
Trust: 0.6
VULHUB:	VHN-19608
value:	HIGH
Trust: 0.1
VULMON:	CVE-2006-3500
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-3500
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-19608
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#776628 // CERT/CC: VU#514740 // CERT/CC: VU#566132 // CERT/CC: VU#651844 // CERT/CC: VU#605908 // CERT/CC: VU#172244 // VULHUB: VHN-19608 // VULMON: CVE-2006-3500 // JVNDB: JVNDB-2006-001015 // CNNVD: CNNVD-200608-042 // NVD: CVE-2006-3500

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3500

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200608-042

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200608-042

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001015

PATCH

title:

APPLE-SA-2006-08-01

url:

http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-001015

EXTERNAL IDS

db:	SECUNIA	id:	21253	Trust: 6.6
db:	NVD	id:	CVE-2006-3500	Trust: 2.9
db:	USCERT	id:	TA06-214A	Trust: 2.6
db:	BID	id:	19289	Trust: 2.1
db:	OSVDB	id:	27738	Trust: 1.8
db:	VUPEN	id:	ADV-2006-3101	Trust: 1.8
db:	CERT/CC	id:	VU#708340	Trust: 1.1
db:	CERT/CC	id:	VU#776628	Trust: 1.1
db:	CERT/CC	id:	VU#514740	Trust: 1.1
db:	CERT/CC	id:	VU#566132	Trust: 1.1
db:	CERT/CC	id:	VU#651844	Trust: 1.1
db:	CERT/CC	id:	VU#605908	Trust: 1.1
db:	CERT/CC	id:	VU#172244	Trust: 1.1
db:	JVNDB	id:	JVNDB-2006-001015	Trust: 0.8
db:	CNNVD	id:	CNNVD-200608-042	Trust: 0.7
db:	CERT/CC	id:	TA06-214A	Trust: 0.6
db:	XF	id:	28141	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2006-08-01	Trust: 0.6
db:	VULHUB	id:	VHN-19608	Trust: 0.1
db:	VULMON	id:	CVE-2006-3500	Trust: 0.1

sources: CERT/CC: VU#708340 // CERT/CC: VU#776628 // CERT/CC: VU#514740 // CERT/CC: VU#566132 // CERT/CC: VU#651844 // CERT/CC: VU#605908 // CERT/CC: VU#172244 // VULHUB: VHN-19608 // VULMON: CVE-2006-3500 // BID: 19289 // JVNDB: JVNDB-2006-001015 // CNNVD: CNNVD-200608-042 // NVD: CVE-2006-3500

REFERENCES

url:	http://docs.info.apple.com/article.html?artnum=304063	Trust: 4.8
url:	http://secunia.com/advisories/21253/	Trust: 4.8
url:	http://www.us-cert.gov/cas/techalerts/ta06-214a.html	Trust: 2.6
url:	http://lists.apple.com/archives/security-announce/2006//aug/msg00000.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/19289	Trust: 1.8
url:	http://www.osvdb.org/27738	Trust: 1.8
url:	http://secunia.com/advisories/21253	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2006/3101	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/28141	Trust: 1.2
url:	http://manuals.info.apple.com/en/macosxsrvr10.3_systemimageadmin.pdf	Trust: 0.8
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3500	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3500	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/28141	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2006/3101	Trust: 0.6
url:	http://www.info.apple.com/usen/security/security_updates.html	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/172244	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/514740	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/566132	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/605908	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/651844	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/776628	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/708340	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=11450	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

CREDITS

Dino Dai Zovi ddaizovi@atstake.com Tom Ferris tommy@security-protocols.com Neil ArchibaldRob MiddletonGael DelalleauJesse Ruderman jruderman@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200608-042

SOURCES

db:	CERT/CC	id:	VU#708340
db:	CERT/CC	id:	VU#776628
db:	CERT/CC	id:	VU#514740
db:	CERT/CC	id:	VU#566132
db:	CERT/CC	id:	VU#651844
db:	CERT/CC	id:	VU#605908
db:	CERT/CC	id:	VU#172244
db:	VULHUB	id:	VHN-19608
db:	VULMON	id:	CVE-2006-3500
db:	BID	id:	19289
db:	JVNDB	id:	JVNDB-2006-001015
db:	CNNVD	id:	CNNVD-200608-042
db:	NVD	id:	CVE-2006-3500

LAST UPDATE DATE

2024-09-20T22:22:22.573000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#708340	date:	2007-01-29T00:00:00
db:	CERT/CC	id:	VU#776628	date:	2006-08-03T00:00:00
db:	CERT/CC	id:	VU#514740	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#566132	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#651844	date:	2006-08-14T00:00:00
db:	CERT/CC	id:	VU#605908	date:	2006-08-14T00:00:00
db:	CERT/CC	id:	VU#172244	date:	2006-08-14T00:00:00
db:	VULHUB	id:	VHN-19608	date:	2017-07-20T00:00:00
db:	VULMON	id:	CVE-2006-3500	date:	2017-07-20T00:00:00
db:	BID	id:	19289	date:	2007-11-15T00:35:00
db:	JVNDB	id:	JVNDB-2006-001015	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200608-042	date:	2006-08-26T00:00:00
db:	NVD	id:	CVE-2006-3500	date:	2017-07-20T01:32:21.227

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#708340	date:	2007-01-29T00:00:00
db:	CERT/CC	id:	VU#776628	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#514740	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#566132	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#651844	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#605908	date:	2006-08-02T00:00:00
db:	CERT/CC	id:	VU#172244	date:	2006-08-02T00:00:00
db:	VULHUB	id:	VHN-19608	date:	2006-08-03T00:00:00
db:	VULMON	id:	CVE-2006-3500	date:	2006-08-03T00:00:00
db:	BID	id:	19289	date:	2006-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2006-001015	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200608-042	date:	2005-04-21T00:00:00
db:	NVD	id:	CVE-2006-3500	date:	2006-08-03T01:04:00