2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2003-0171" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2003-05-05T04:00:00.000" ,
"lastModified" : "2008-09-10T19:18:10.087" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program."
} ,
{
"lang" : "es" ,
"value" : "DirectoryServices en MacOS X se fia de la variable de entorno PATH para localizar y ejecutar el comando touch, lo que permite a usurarios locales ejecutar comandos arbitrarios modificando PATH para que apunte a un directorio que contenga un programa 'touch' malicioso."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C" ,
"accessVector" : "LOCAL" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
"availabilityImpact" : "COMPLETE" ,
"baseScore" : 7.2
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : true ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "99C273D1-ADFE-4B4C-B543-7B9CA741A117"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "066ABC3B-B395-42D2-95C0-5B810F91A6F0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "01BC19FC-6E03-4000-AE4B-232E47FA76F2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "421FC2DD-0CF7-44A2-A63C-5221689E2363"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F8B70BC-42B7-453A-B506-7BE69D49A4B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CA32F7D8-02F8-4CFE-B193-2888807BC4D6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AE52A344-8B07-480D-A57F-B1F6E6574F3B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "56CC0444-570C-4BB5-B53A-C5CA0BD87935"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62E3EED7-FE30-4620-B40B-9CC49B77408A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DB279593-17D1-4A65-BF54-969B38B74B23"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "00AE033B-5F16-4262-A397-02D7450189B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E831F3E-A980-47AF-BD05-2DB1A14689B4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "36991737-904F-4B26-AEE2-7B30411279E8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F7EE6036-1A18-43F1-8A92-7DF39E1516E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "620ECFC8-293D-4C2B-9698-67185BB6E2EF"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://lists.apple.com/mhonarc/security-announce/msg00028.html" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.atstake.com/research/advisories/2003/a041003-1.txt" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
}
]
}
