Vulnerability Description
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.0.2 |
| Apple | Mac Os X Server | 10.2 |
References
- http://docs.info.apple.com/article.html?artnum=32478
- http://docs.info.apple.com/article.html?artnum=61798PatchVendor Advisory
- http://www.carrel.org/dhcp-vuln.html
- http://www.securityfocus.com/bid/9110ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13874
- http://docs.info.apple.com/article.html?artnum=32478
- http://docs.info.apple.com/article.html?artnum=61798PatchVendor Advisory
- http://www.carrel.org/dhcp-vuln.html
- http://www.securityfocus.com/bid/9110ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13874
FAQ
What is CVE-2003-1009?
CVE-2003-1009 is a vulnerability with a CVSS score of 10.0 (HIGH). Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as prov...
How severe is CVE-2003-1009?
CVE-2003-1009 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1009?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server.