CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Metasploit Modules Related To Apple

CVE-2003-0050  QuickTime Streaming Server parse_xml.cgi Remote Execution
The QuickTime Streaming Server contains a CGI script that is vulnerable to metacharacter injection, allow arbitrary commands to be executed as root.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2003-0201  Samba trans2open Overflow (*BSD x86)
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the noexec stack option set.
Module type : exploit Rank : great Platforms : BSD
CVE-2003-0201  Samba trans2open Overflow (Linux x86)
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the noexec stack option set. NOTE: Some older versions of RedHat do not seem to be vulnerable since they apparently do not allow anonymous access to IPC.
Module type : exploit Rank : great Platforms : Linux
CVE-2003-0201  Samba trans2open Overflow (Mac OS X PPC)
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
Module type : exploit Rank : great Platforms : OSX
CVE-2003-0201  Samba trans2open Overflow (Solaris SPARC)
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on Solaris SPARC systems that do not have the noexec stack option set. Big thanks to MC and valsmith for resolving a problem with the beta version of this module.
Module type : exploit Rank : great Platforms : Solaris
CVE-2003-0270  Apple Airport ACPP Authentication Scanner
This module attempts to authenticate to an Apple Airport using its proprietary and largely undocumented protocol known only as ACPP.
Module type : auxiliary Rank : normal
CVE-2003-0694  Sendmail SMTP Address prescan Memory Corruption
This is a proof of concept denial of service module for Sendmail versions 8.12.8 and earlier. The vulnerability is within the prescan() method when parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00 bytes can be used, limiting the likelihood for arbitrary code execution.
Module type : auxiliary Rank : normal
CVE-2004-0430  AppleFileServer LoginExt PathName Overflow
This module exploits a stack buffer overflow in the AppleFileServer service on MacOS X. This vulnerability was originally reported by Atstake and was actually one of the few useful advisories ever published by that company. You only have one chance to exploit this bug. This particular exploit uses a stack-based return address that will only work under optimal conditions.
Module type : exploit Rank : average Platforms : OSX
CVE-2004-2687  DistCC Daemon Command Execution
This module uses a documented security weakness to execute arbitrary commands on any system running distccd.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2005-0043  Apple ITunes 4.7 Playlist Buffer Overflow
This module exploits a stack buffer overflow in Apple ITunes 4.7 build 4.7.0.42. By creating a URL link to a malicious PLS file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.pls'.
Module type : exploit Rank : normal Platforms : Windows
CVE-2006-0395  Mail.app Image Attachment Command Execution
This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5.
Module type : exploit Rank : manual Platforms : Unix,OSX
CVE-2006-0848  Safari Archive Metadata Command Execution
This module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2007-0015  Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
This module exploits a buffer overflow in Apple QuickTime 7.1.3. This module was inspired by MOAB-01-01-2007. The Browser target for this module was tested against IE 6 and Firefox 1.5.0.3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin.
Module type : exploit Rank : normal Platforms : Windows
CVE-2007-2175  Apple QTJava toQTPointer() Arbitrary Memory Access
This module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7.
Module type : exploit Rank : excellent Platforms : Windows,OSX
CVE-2007-2386  Mac OS X mDNSResponder UPnP Location Overflow
This module exploits a buffer overflow that occurs when processing specially crafted requests set to mDNSResponder. All Mac OS X systems between version 10.4 and 10.4.9 (without the 2007-005 patch) are affected.
Module type : exploit Rank : average Platforms : OSX
CVE-2007-5863  Apple OS X Software Update Command Execution
This module exploits a feature in the Distribution Packages, which are used in the Apple Software Update mechanism. This feature allows for arbitrary command execution through JavaScript. This exploit provides the malicious update server. Requests must be redirected to this server by other means for this exploit to work.
Module type : exploit Rank : excellent Platforms : OSX
CVE-2007-6165  Mail.app Image Attachment Command Execution
This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5.
Module type : exploit Rank : manual Platforms : Unix,OSX
CVE-2007-6166  MacOS X QuickTime RTSP Content-Type Overflow
No module description
Module type : exploit Rank : average Platforms : OSX
CVE-2007-6166  Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
This module exploits a stack buffer overflow in Apple QuickTime 7.3. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2009-0950  Apple OS X iTunes 8.1.1 ITMS Overflow
This modules exploits a stack-based buffer overflow in iTunes itms:// URL parsing. It is accessible from the browser and in Safari, itms urls will be opened in iTunes automatically. Because iTunes is multithreaded, only vfork-based payloads should be used.
Module type : exploit Rank : great Platforms : OSX

Please note: Metasploit modules are only matched by CVE numbers. There may be other modules related to this product. Visit metasploit web site for more details
Total number of modules found = 39   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.