passwd in Directory Services in Mac OS X 10.3.x prior to 10.3.9 and 10.4.x prior to 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple mac os x 10.3.3 |
||
apple mac os x 10.3.4 |
||
apple mac os x 10.4.1 |
||
apple mac os x 10.4.2 |
||
apple mac os x server 10.3.4 |
||
apple mac os x server 10.3.5 |
||
apple mac os x server 10.4.2 |
||
apple mac os x server 10.4.3 |
||
apple mac os x 10.3.5 |
||
apple mac os x 10.3.6 |
||
apple mac os x 10.4.3 |
||
apple mac os x 10.4.4 |
||
apple mac os x server 10.3.6 |
||
apple mac os x server 10.3.7 |
||
apple mac os x server 10.4.4 |
||
apple mac os x server 10.4.5 |
||
apple mac os x 10.3 |
||
apple mac os x 10.3.7 |
||
apple mac os x 10.3.8 |
||
apple mac os x 10.4.5 |
||
apple mac os x server 10.3 |
||
apple mac os x server 10.3.1 |
||
apple mac os x server 10.3.8 |
||
apple mac os x server 10.3.9 |
||
apple mac os x 10.3.1 |
||
apple mac os x 10.3.2 |
||
apple mac os x 10.3.9 |
||
apple mac os x 10.4 |
||
apple mac os x server 10.3.2 |
||
apple mac os x server 10.3.3 |
||
apple mac os x server 10.4 |
||
apple mac os x server 10.4.1 |
Vulmon