CVE-2007-0734

Summary

CVE	CVE-2007-0734
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-04-10 22:19:00 UTC
Updated	2017-07-29 01:30:00 UTC
Description	fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption.

Risk And Classification

Problem Types: CWE-119

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Apple	Airport Extreme	All	All	All	All
Hardware	Apple	Airport Extreme	All	All	All	All
Operating System	Apple	Mac Os X	10.3.9	All	All	All
Operating System	Apple	Mac Os X	10.4	All	All	All
Operating System	Apple	Mac Os X	10.4.1	All	All	All
Operating System	Apple	Mac Os X	10.4.2	All	All	All
Operating System	Apple	Mac Os X	10.4.3	All	All	All
Operating System	Apple	Mac Os X	10.4.4	All	All	All
Operating System	Apple	Mac Os X	10.4.5	All	All	All
Operating System	Apple	Mac Os X	10.4.6	All	All	All
Operating System	Apple	Mac Os X	10.4.7	All	All	All
Operating System	Apple	Mac Os X	10.4.8	All	All	All
Operating System	Apple	Mac Os X	10.4.9	All	All	All
Operating System	Apple	Mac Os X	10.3.9	All	All	All
Operating System	Apple	Mac Os X	10.4	All	All	All
Operating System	Apple	Mac Os X	10.4.1	All	All	All
Operating System	Apple	Mac Os X	10.4.2	All	All	All
Operating System	Apple	Mac Os X	10.4.3	All	All	All
Operating System	Apple	Mac Os X	10.4.4	All	All	All
Operating System	Apple	Mac Os X	10.4.5	All	All	All
Operating System	Apple	Mac Os X	10.4.6	All	All	All
Operating System	Apple	Mac Os X	10.4.7	All	All	All
Operating System	Apple	Mac Os X	10.4.8	All	All	All
Operating System	Apple	Mac Os X	10.4.9	All	All	All

References

Reference	Source	Link	Tags
Apple Mac OS X 2007-004 Multiple Security Vulnerabilities	BID	www.securityfocus.com
US-CERT Technical Cyber Security Alert TA07-109A -- Apple Updates for Multiple Vulnerabilities	CERT	www.us-cert.gov	US Government Resource
Webmail - OVH	VUPEN	www.vupen.com	Vendor Advisory
Apple AirPort Extreme Base Station Firmware Information Disclosure Vulnerability	BID	www.securityfocus.com
SecurityTracker.com Archives - AirPort Extreme Base Station with 802.11n Discloses Filenames to Remote Users and Allows Incoming IPv6 Connections	SECTRACK	www.securitytracker.com
APPLE-SA-2007-04-19 Security Update 2007-004	APPLE	lists.apple.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com	Vendor Advisory
About Security Update 2007-004	CONFIRM	docs.info.apple.com
About the security content of Firmware Update 7.1 for AirPort Extreme Base Station with 802.11n	CONFIRM	docs.info.apple.com	Patch, Vendor Advisory
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
APPLE-SA-2007-04-09 Firmware version 7.1 for AirPort Extreme Base Station with 802.11n*	APPLE	lists.apple.com	Vendor Advisory
Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
SecurityTracker.com Archives - Mac OS X Bugs Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges	SECTRACK	www.securitytracker.com
Apple AirPort Extreme Base Station Two Weaknesses - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.