ID

VAR-199907-0037


CVE

CVE-1999-1543


TITLE

MacOS Weak Password Encryption Vulnerability

Trust: 0.9

sources: BID: 519 // CNNVD: CNNVD-199907-013

DESCRIPTION

MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. apple's macOS Exists in unspecified vulnerabilities.None. The encryption algorithm in MacOS system is simple and the password can be easily decoded. Offset is different on each system and depends on Users & Groups configuration, but it always lie after owner's username. It's not so difficult to find it using a hex editor, even if we don't know owner's username. Here are some examples of encrypted passwords: 00 04 06 18 0D 0A 19 0B = stayaway 0A 1F 10 1B 00 07 75 1E = yellow 1C 1B 16 14 12 62 10 7B = owner 07 02 13 1A 1E 0F 1A 14 = turnpage 27 25 33 27 27 39 24 7E = Trustno1 AA BB CC DD EE FF GG HH = aa bb cc dd ee ff gg hh where: AA BB CC DD EE FF GG HH - encrypted password (hex) aa bb cc dd ee ff gg hh - decrypted password in ASCII codes (hex) aa=AA XOR 73H bb=BB XOR AA XOR 70H cc=CC XOR BB XOR 63H dd=DD XOR CC XOR 67H ee=EE XOR DD XOR 74H ff=FF XOR EE XOR 70H gg=GG XOR FF XOR 72H hh=HH XOR GG XOR 6BH An example: Let's take OO 04 06 18 0D 0A 19 0B 00H XOR 73H = 73H = s 04H XOR 00H = 04H; 04H XOR 70H = 74H = t 06H XOR 04H = 02H; O2H XOR 63H = 61H = a 18H XOR 06H = 1EH; 1EH XOR 67H = 79H = y 0DH XOR 18H = 15H; 15H XOR 74H = 61H = a 0AH XOR 0DH = 07H; 07H XOR 70H = 77H = w 19H XOR 0AH = 13H; 13H XOR 72H = 61H = a 0BH XOR 19H = 12H; 12H XOR 6BH = 79H = y tested on: MacOS 7.5.3, 7.5.5, 8.1, 8.5 copied verbatim from a post to bugtraq by Dawid adix Adamski <adixx@FRIKO4.ONET.PL> on July 10, 1999. There are vulnerabilities in MacOS

Trust: 1.98

sources: NVD: CVE-1999-1543 // JVNDB: JVNDB-1999-000071 // BID: 519 // VULHUB: VHN-1524

AFFECTED PRODUCTS

vendor:applemodel:macosscope:eqversion:7.5.3

Trust: 1.0

vendor:applemodel:macosscope:eqversion:7.6.1

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.0

Trust: 1.0

vendor:applemodel:macosscope:eqversion:7.6

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.1

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.5

Trust: 1.0

vendor:applemodel:macosscope:eqversion:8.6

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:8.0

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:8.6

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:7.6.1

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:8.5

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:8.1

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:7.5.3

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:7.6

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:8.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:7.6.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:7.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:7.5.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:8.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:8.0

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:8.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:88.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:88.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:88.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:88.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:77.6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:77.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:77.5.3

Trust: 0.3

sources: BID: 519 // JVNDB: JVNDB-1999-000071 // CNNVD: CNNVD-199907-013 // NVD: CVE-1999-1543

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1543
value: MEDIUM

Trust: 1.0

NVD: CVE-1999-1543
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-199907-013
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1524
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-1543
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1524
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1524 // JVNDB: JVNDB-1999-000071 // CNNVD: CNNVD-199907-013 // NVD: CVE-1999-1543

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1999-000071 // NVD: CVE-1999-1543

THREAT TYPE

local

Trust: 0.9

sources: BID: 519 // CNNVD: CNNVD-199907-013

TYPE

Design Error

Trust: 0.9

sources: BID: 519 // CNNVD: CNNVD-199907-013

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1524

PATCH

title:MacOS system encryption algorithm MARCurl:https://marc.info/?l=bugtraq&m=93188174906513&w=2

Trust: 0.8

sources: JVNDB: JVNDB-1999-000071

EXTERNAL IDS

db:NVDid:CVE-1999-1543

Trust: 3.6

db:BIDid:519

Trust: 2.8

db:JVNDBid:JVNDB-1999-000071

Trust: 0.8

db:CNNVDid:CNNVD-199907-013

Trust: 0.7

db:BUGTRAQid:19990710 MACOS SYSTEM ENCRYPTION ALGORITHM

Trust: 0.6

db:BUGTRAQid:19990914 MACOS SYSTEM ENCRYPTION ALGORITHM 3

Trust: 0.6

db:EXPLOIT-DBid:19417

Trust: 0.1

db:VULHUBid:VHN-1524

Trust: 0.1

sources: VULHUB: VHN-1524 // BID: 519 // JVNDB: JVNDB-1999-000071 // CNNVD: CNNVD-199907-013 // NVD: CVE-1999-1543

REFERENCES

url:http://www.securityfocus.com/bid/519

Trust: 3.5

url:http://marc.info/?l=bugtraq&m=93188174906513&w=2

Trust: 2.0

url:http://marc.info/?l=bugtraq&m=93736667813924&w=2

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-1999-1543

Trust: 0.8

url:http://marc.theaimsgroup.com/?l=bugtraq&m=93736667813924&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=93188174906513&w=2

Trust: 0.6

url:http://marc.info/?l=bugtraq&m=93188174906513&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=93736667813924&w=2

Trust: 0.1

sources: VULHUB: VHN-1524 // JVNDB: JVNDB-1999-000071 // CNNVD: CNNVD-199907-013 // NVD: CVE-1999-1543

CREDITS

Posted to bugtraq on July 10, 1999 by Dawid adix Adamski <adixx@FRIKO4.ONET.PL>. Additional information from Vinnie Moscaritolo <vinnie@apple.com>.

Trust: 0.9

sources: BID: 519 // CNNVD: CNNVD-199907-013

SOURCES

db:VULHUBid:VHN-1524
db:BIDid:519
db:JVNDBid:JVNDB-1999-000071
db:CNNVDid:CNNVD-199907-013
db:NVDid:CVE-1999-1543

LAST UPDATE DATE

2024-11-22T23:14:05.767000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1524date:2016-10-18T00:00:00
db:BIDid:519date:2009-07-11T00:56:00
db:JVNDBid:JVNDB-1999-000071date:2024-05-13T02:41:00
db:CNNVDid:CNNVD-199907-013date:2006-04-07T00:00:00
db:NVDid:CVE-1999-1543date:2024-11-20T23:31:22.133

SOURCES RELEASE DATE

db:VULHUBid:VHN-1524date:1999-07-10T00:00:00
db:BIDid:519date:1999-07-10T00:00:00
db:JVNDBid:JVNDB-1999-000071date:2024-05-13T00:00:00
db:CNNVDid:CNNVD-199907-013date:1999-07-10T00:00:00
db:NVDid:CVE-1999-1543date:1999-07-10T04:00:00