Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2008-3611 | First vendor Publication | 2008-09-16 |
Vendor | Cve | Last vendor Modification | 2017-08-08 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:N/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.3 | Attack Range | Local |
Cvss Impact Score | 9.2 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a password-change attempt that is denied by policy, which allows opportunistic, physically proximate attackers to bypass authentication and change this user's password by later entering an acceptable new password on the same login screen. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3611 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-287 | Improper Authentication |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.5 Update / Security Update 2008-006 File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48191 | Apple Mac OS X Login Window Password Modification Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO |
2008-09-16 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:07:54 |
|
2021-04-22 01:08:15 |
|
2020-05-23 00:22:06 |
|
2017-08-08 09:24:18 |
|
2016-04-26 17:44:01 |
|
2014-02-17 10:46:02 |
|
2013-05-11 00:23:28 |
|