CVE-2010-3783:mac_os_x_server: Password Server in Apple Mac OS X 10.5.8 and 10.6.x...

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-3783

mac_os_x_server: Password Server in Apple Mac OS X 10.5.8 and 10.6.x...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3783

Original

Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-11-16

Source Information Category:

Advisory, Alert

Last Updated:

2010-11-17

Affected Product Tags

cpe:/o:apple:mac_os_x_server:10.5.8

cpe:/o:apple:mac_os_x_server:10.6.0

cpe:/o:apple:mac_os_x_server:10.6.1

cpe:/o:apple:mac_os_x_server:10.6.2

cpe:/o:apple:mac_os_x_server:10.6.3

cpe:/o:apple:mac_os_x_server:10.6.4

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

APPLE APPLE-SA-2010-11-10-1

CONFIRM http://support.apple.com/kb/HT4435

Vulnerability Type Permissions, Privileges, and Access Control (CWE-264)