2.1

CVE-2006-4399

User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version10.4
ApplemacOS X Version10.4.1
ApplemacOS X Version10.4.2
ApplemacOS X Version10.4.3
ApplemacOS X Version10.4.4
ApplemacOS X Version10.4.5
ApplemacOS X Version10.4.6
ApplemacOS X Version10.4.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.98% 0.576
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
Patch
http://secunia.com/advisories/22187
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3852
http://www.us-cert.gov/cas/techalerts/TA06-275A.html
US Government Resource
http://www.securityfocus.com/bid/20271
Patch
http://securitytracker.com/id?1016958
Patch
http://www.kb.cert.org/vuls/id/847468
US Government Resource
http://www.osvdb.org/29276
https://exchange.xforce.ibmcloud.com/vulnerabilities/29302