FKIE_CVE-2007-0752

Vulnerability from fkie_nvd - Published: 2007-05-24 22:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
References
cve@mitre.orghttp://docs.info.apple.com/article.html?artnum=305530
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537Vendor Advisory
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2007/May/msg00004.html
cve@mitre.orghttp://secunia.com/advisories/25402
cve@mitre.orghttp://www.osvdb.org/35144
cve@mitre.orghttp://www.securityfocus.com/bid/24144
cve@mitre.orghttp://www.securitytracker.com/id?1018124
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1939
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34503
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305530
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25402
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/35144
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24144
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018124
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1939
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34503
Impacted products
Vendor Product Version
apple mac_os_x 10.4.8
apple mac_os_x_server 10.4.8
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check."
    },
    {
      "lang": "es",
      "value": "El demonio PPP (pppd) en el Apple Mac OS X 10.4.8 comprueba la propiedad del descriptor del fichero stdin para determinar si el solicitante tiene suficientes privilegios, lo que permite a usuarios locales cargar extensiones de su elecci\u00f3n y obtener privilegios de administrador evitando estas comprobaciones."
    }
  ],
  "id": "CVE-2007-0752",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-24T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305530"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25402"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018124"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1939"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34503"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.