CVE-2006-1470 - Vulnerability Details - OpenCVE

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.4:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.1:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.2:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.3:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.4:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.5:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.6:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*

No data.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html
http://secunia.com/advisories/20877
http://securitytracker.com/id?1016396
http://www.kb.cert.org/vuls/id/652196
http://www.osvdb.org/26932
http://www.securityfocus.com/bid/18686
http://www.securityfocus.com/bid/18728
http://www.vupen.com/english/advisories/2006/2566
https://exchange.xforce.ibmcloud.com/vulnerabilities/27480

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-27T22:00:00

Updated: 2024-08-07T17:12:22.161Z

Reserved: 2006-03-28T00:00:00

Link: CVE-2006-1470

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-06-27T22:13:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-1470

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-06-27T00:00:00", "descriptions": [{"lang": "en", "value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "26932", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26932"}, {"name": "APPLE-SA-2006-06-27", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"}, {"name": "18686", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18686"}, {"name": "1016396", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016396"}, {"name": "VU#652196", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/652196"}, {"name": "macosx-openldap-directory-dos(27480)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"}, {"name": "18728", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18728"}, {"name": "20877", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20877"}, {"name": "ADV-2006-2566", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2566"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-1470", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "26932", "refsource": "OSVDB", "url": "http://www.osvdb.org/26932"}, {"name": "APPLE-SA-2006-06-27", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"}, {"name": "18686", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18686"}, {"name": "1016396", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016396"}, {"name": "VU#652196", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/652196"}, {"name": "macosx-openldap-directory-dos(27480)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"}, {"name": "18728", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18728"}, {"name": "20877", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20877"}, {"name": "ADV-2006-2566", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2566"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:12:22.161Z"}, "title": "CVE Program Container", "references": [{"name": "26932", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26932"}, {"name": "APPLE-SA-2006-06-27", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"}, {"name": "18686", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18686"}, {"name": "1016396", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016396"}, {"name": "VU#652196", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/652196"}, {"name": "macosx-openldap-directory-dos(27480)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"}, {"name": "18728", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18728"}, {"name": "20877", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20877"}, {"name": "ADV-2006-2566", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2566"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1470", "datePublished": "2006-06-27T22:00:00", "dateReserved": "2006-03-28T00:00:00", "dateUpdated": "2024-08-07T17:12:22.161Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."}, {"lang": "es", "value": "OpenLDAP en Apple Mac OS X v10.4 up a v10.4.6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una petici\u00f3n LDAP no v\u00e1lida que lanza un error assert."}], "id": "CVE-2006-1470", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-27T22:13:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20877"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016396"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/652196"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26932"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/18686"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/18728"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2566"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20877"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/652196"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/26932"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/18686"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/18728"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2566"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}