CVE-2006-0392

Current Description

automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names".

Basic Data

PublishedMarch 02, 2006
Last ModifiedJuly 20, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegetrue
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X10.3*******
    2.3OSAppleMac Os X10.3.1*******
    2.3OSAppleMac Os X10.3.2*******
    2.3OSAppleMac Os X10.3.3*******
    2.3OSAppleMac Os X10.3.4*******
    2.3OSAppleMac Os X10.3.5*******
    2.3OSAppleMac Os X10.3.6*******
    2.3OSAppleMac Os X10.3.7*******
    2.3OSAppleMac Os X10.3.8*******
    2.3OSAppleMac Os X10.3.9*******
    2.3OSAppleMac Os X10.4*******
    2.3OSAppleMac Os X10.4.1*******
    2.3OSAppleMac Os X10.4.2*******
    2.3OSAppleMac Os X10.4.3*******
    2.3OSAppleMac Os X10.4.4*******
    2.3OSAppleMac Os X10.4.5*******
    2.3OSAppleMac Os X Server10.3*******
    2.3OSAppleMac Os X Server10.3.1*******
    2.3OSAppleMac Os X Server10.3.2*******
    2.3OSAppleMac Os X Server10.3.3*******
    2.3OSAppleMac Os X Server10.3.4*******
    2.3OSAppleMac Os X Server10.3.5*******
    2.3OSAppleMac Os X Server10.3.6*******
    2.3OSAppleMac Os X Server10.3.7*******
    2.3OSAppleMac Os X Server10.3.8*******
    2.3OSAppleMac Os X Server10.3.9*******
    2.3OSAppleMac Os X Server10.4*******
    2.3OSAppleMac Os X Server10.4.1*******
    2.3OSAppleMac Os X Server10.4.2*******
    2.3OSAppleMac Os X Server10.4.3*******
    2.3OSAppleMac Os X Server10.4.4*******
    2.3OSAppleMac Os X Server10.4.5*******

Vulnerable Software List

VendorProductVersions
Apple Mac Os X Server 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5
Apple Mac Os X 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5

References

NameSourceURLTags
http://docs.info.apple.com/article.html?artnum=303382http://docs.info.apple.com/article.html?artnum=303382CONFIRM
APPLE-SA-2006-03-01http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.htmlAPPLE
19064http://secunia.com/advisories/19064SECUNIAPatch Vendor Advisory
1015709http://securitytracker.com/id?1015709SECTRACK
23640http://www.osvdb.org/23640OSVDB
16907http://www.securityfocus.com/bid/16907BIDPatch
TA06-062Ahttp://www.us-cert.gov/cas/techalerts/TA06-062A.htmlCERTUS Government Resource
ADV-2006-0791http://www.vupen.com/english/advisories/2006/0791VUPEN
macosx-automount-execute-code(25021)https://exchange.xforce.ibmcloud.com/vulnerabilities/25021XF