Sign-up

ID

VAR-200505-0356


CVE

CVE-2005-1338


TITLE

Mac OS X Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200505-905

DESCRIPTION

Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. Mac OS X is prone to a local security vulnerability

Trust: 1.26

sources: NVD: CVE-2005-1338 // BID: 90093 // VULHUB: VHN-12547

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.6

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

sources: BID: 90093 // CNNVD: CNNVD-200505-905 // NVD: CVE-2005-1338

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-1338
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200505-905
value: MEDIUM

Trust: 0.6

VULHUB: VHN-12547
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-1338
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-12547
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-12547 // CNNVD: CNNVD-200505-905 // NVD: CVE-2005-1338

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1338

THREAT TYPE

local

Trust: 0.9

sources: BID: 90093 // CNNVD: CNNVD-200505-905

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200505-905

EXTERNAL IDS

db:NVDid:CVE-2005-1338

Trust: 2.0

db:CNNVDid:CNNVD-200505-905

Trust: 0.7

db:APPLEid:APPLE-SA-2005-05-03

Trust: 0.6

db:BIDid:90093

Trust: 0.4

db:VULHUBid:VHN-12547

Trust: 0.1

sources: VULHUB: VHN-12547 // BID: 90093 // CNNVD: CNNVD-200505-905 // NVD: CVE-2005-1338

REFERENCES

url:http://lists.apple.com/archives/security-announce/2005/may/msg00001.html

Trust: 2.0

sources: VULHUB: VHN-12547 // BID: 90093 // CNNVD: CNNVD-200505-905 // NVD: CVE-2005-1338

CREDITS

Unknown

Trust: 0.3

sources: BID: 90093

SOURCES

db:VULHUBid:VHN-12547
db:BIDid:90093
db:CNNVDid:CNNVD-200505-905
db:NVDid:CVE-2005-1338

LAST UPDATE DATE

2024-08-14T12:07:20.689000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-12547date:2008-09-05T00:00:00
db:BIDid:90093date:2005-05-04T00:00:00
db:CNNVDid:CNNVD-200505-905date:2005-10-20T00:00:00
db:NVDid:CVE-2005-1338date:2008-09-05T20:48:52.967

SOURCES RELEASE DATE

db:VULHUBid:VHN-12547date:2005-05-04T00:00:00
db:BIDid:90093date:2005-05-04T00:00:00
db:CNNVDid:CNNVD-200505-905date:2005-05-04T00:00:00
db:NVDid:CVE-2005-1338date:2005-05-04T04:00:00