ID

VAR-199905-0009


CVE

CVE-1999-1393


TITLE

apple's  macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-1999-000072

DESCRIPTION

Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. apple's macOS Exists in unspecified vulnerabilities.None. Powerbooks come with a 'Password Security' Control Panel. This allows the user to create a password that must be entered prior to the OS mounting the hard drive. This feature can be enabled or disabled by the user. The control panel stores the enabled/disabled state, as well as an encrypted verion of the password, in a file called 'aaaaaaaaAPWD' in the root of the drive. The problem is that this security feature can be bypassed with a boot disk and hard drive utility

Trust: 1.98

sources: NVD: CVE-1999-1393 // JVNDB: JVNDB-1999-000072 // BID: 532 // VULHUB: VHN-1374

AFFECTED PRODUCTS

vendor:applemodel:macosscope:eqversion:8.5

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.6

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:8.5

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:8.6

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:8.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:8.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:88.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:88.5

Trust: 0.3

sources: BID: 532 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1393
value: MEDIUM

Trust: 1.0

NVD: CVE-1999-1393
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-199905-041
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1374
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-1393
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1374
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1374 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1999-000072 // NVD: CVE-1999-1393

THREAT TYPE

local

Trust: 0.9

sources: BID: 532 // CNNVD: CNNVD-199905-041

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199905-041

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1374

PATCH

title:top pageurl:https://www.apple.com/

Trust: 0.8

sources: JVNDB: JVNDB-1999-000072

EXTERNAL IDS

db:NVDid:CVE-1999-1393

Trust: 3.6

db:BIDid:532

Trust: 2.8

db:JVNDBid:JVNDB-1999-000072

Trust: 0.8

db:CNNVDid:CNNVD-199905-041

Trust: 0.7

db:VULHUBid:VHN-1374

Trust: 0.1

sources: VULHUB: VHN-1374 // BID: 532 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

REFERENCES

url:http://www.securityfocus.com/bid/532

Trust: 3.5

url:http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html

Trust: 2.7

url:https://nvd.nist.gov/vuln/detail/cve-1999-1393

Trust: 0.8

url:http://www.securemac.com/powerbooksecurity.cfm

Trust: 0.3

sources: VULHUB: VHN-1374 // BID: 532 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

CREDITS

From an article at http://www.securemac.com by mSec.

Trust: 0.9

sources: BID: 532 // CNNVD: CNNVD-199905-041

SOURCES

db:VULHUBid:VHN-1374
db:BIDid:532
db:JVNDBid:JVNDB-1999-000072
db:CNNVDid:CNNVD-199905-041
db:NVDid:CVE-1999-1393

LAST UPDATE DATE

2024-11-22T22:49:01.701000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1374date:2008-09-05T00:00:00
db:BIDid:532date:2009-07-11T00:56:00
db:JVNDBid:JVNDB-1999-000072date:2024-05-13T02:42:00
db:CNNVDid:CNNVD-199905-041date:2021-09-23T00:00:00
db:NVDid:CVE-1999-1393date:2024-11-20T23:31:00.410

SOURCES RELEASE DATE

db:VULHUBid:VHN-1374date:1999-05-21T00:00:00
db:BIDid:532date:1999-05-21T00:00:00
db:JVNDBid:JVNDB-1999-000072date:2024-05-13T00:00:00
db:CNNVDid:CNNVD-199905-041date:1999-05-21T00:00:00
db:NVDid:CVE-1999-1393date:1999-05-21T04:00:00