Sign-up

ID

VAR-199905-0009


CVE

CVE-1999-1393


TITLE

apple's  macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-1999-000072

DESCRIPTION

Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. apple's macOS Exists in unspecified vulnerabilities.None. Powerbooks come with a 'Password Security' Control Panel. This allows the user to create a password that must be entered prior to the OS mounting the hard drive. This feature can be enabled or disabled by the user. The control panel stores the enabled/disabled state, as well as an encrypted verion of the password, in a file called 'aaaaaaaaAPWD' in the root of the drive. The problem is that this security feature can be bypassed with a boot disk and hard drive utility

Trust: 1.98

sources: NVD: CVE-1999-1393 // JVNDB: JVNDB-1999-000072 // BID: 532 // VULHUB: VHN-1374

AFFECTED PRODUCTS

vendor:applemodel:macosscope:eqversion:8.5

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.6

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:8.5

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:8.6

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:8.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:8.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:88.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:88.5

Trust: 0.3

sources: BID: 532 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1393
value: MEDIUM

Trust: 1.0

NVD: CVE-1999-1393
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-199905-041
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1374
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-1393
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1374
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1374 // JVNDB: JVNDB-1999-000072 // CNNVD: CNNVD-199905-041 // NVD: CVE-1999-1393

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1999-000072 // NVD: CVE-1999-1393

THREAT TYPE

local

Trust: 0.9

sources: BID: 532 // CNNVD: CNNVD-199905-041

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199905-041

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-1374

PATCH
title:top pageurl:https://www.apple.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-1999-000072

EXTERNAL IDS
db:NVDid:CVE-1999-1393
Trust: 3.6
db:BIDid:532
Trust: 2.8
db:JVNDBid:JVNDB-1999-000072
Trust: 0.8
db:CNNVDid:CNNVD-199905-041
Trust: 0.7
db:VULHUBid:VHN-1374
Trust: 0.1
sources:
            
            
            VULHUB: VHN-1374 // 
            
            
            
            BID: 532 // 
            
            
            
            JVNDB: JVNDB-1999-000072 // 
            
            
            
            CNNVD: CNNVD-199905-041 // 
            
            
            
            NVD: CVE-1999-1393

REFERENCES
url:http://www.securityfocus.com/bid/532
Trust: 2.5
url:http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-1999-1393
Trust: 0.8
url:http://www.securemac.com/powerbooksecurity.cfm
Trust: 0.3
sources:
            
            
            VULHUB: VHN-1374 // 
            
            
            
            BID: 532 // 
            
            
            
            JVNDB: JVNDB-1999-000072 // 
            
            
            
            CNNVD: CNNVD-199905-041 // 
            
            
            
            NVD: CVE-1999-1393

CREDITS
From an article at http://www.securemac.com by mSec.
Trust: 0.9
sources:
            
            
            BID: 532 // 
            
            
            
            CNNVD: CNNVD-199905-041

SOURCES
db:VULHUBid:VHN-1374
db:BIDid:532
db:JVNDBid:JVNDB-1999-000072
db:CNNVDid:CNNVD-199905-041
db:NVDid:CVE-1999-1393

LAST UPDATE DATE
2024-08-14T14:16:25.677000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-1374date:2008-09-05T00:00:00
db:BIDid:532date:2009-07-11T00:56:00
db:JVNDBid:JVNDB-1999-000072date:2024-05-13T02:42:00
db:CNNVDid:CNNVD-199905-041date:2021-09-23T00:00:00
db:NVDid:CVE-1999-1393date:2021-09-22T14:22:24.190

SOURCES RELEASE DATE
db:VULHUBid:VHN-1374date:1999-05-21T00:00:00
db:BIDid:532date:1999-05-21T00:00:00
db:JVNDBid:JVNDB-1999-000072date:2024-05-13T00:00:00
db:CNNVDid:CNNVD-199905-041date:1999-05-21T00:00:00
db:NVDid:CVE-1999-1393date:1999-05-21T04:00:00