PT-2004-1194 · None+1 · Dhcp+4

Published

2004-03-10

Updated

2017-07-11

CVE-2003-1009

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.0.2 through 10.3.2 Apple Mac OS X Server versions 10.2 through 10.3.2

Description The issue allows remote attackers to gain privileges by accepting authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server.

Recommendations For Apple Mac OS X versions 10.0.2 through 10.3.2, restrict access to unknown LDAP or NetInfo sources. For Apple Mac OS X Server versions 10.2 through 10.3.2, consider disabling the acceptance of authentication server information from unknown sources until a fix is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-1009

Affected Products

Dhcp

Ldap

Macos X

Macos X Server

Netinfo

PT-2004-1194 · None+1 · Dhcp+4

CVE-2003-1009

Related Identifiers

Affected Products

References · 6