Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2007-5855 | First vendor Publication | 2007-12-19 |
Vendor | Cve | Last vendor Modification | 2017-07-29 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 6.4 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5855 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-287 | Improper Authentication |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40728 | Apple Mac OS X Mail Account Assistant SMTP Account Encryption Fallback Cleart... Mac OS X contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when Mail defaults to using plaintext passwords for SMTP authentication against servers that support both MD5 challenge response and plaintext, which may lead to a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:06:38 |
|
2021-04-22 01:07:09 |
|
2020-05-23 00:20:44 |
|
2017-07-29 12:02:39 |
|
2016-04-26 16:47:23 |
|
2014-02-17 10:42:30 |
|
2013-05-11 10:41:26 |
|