ID

VAR-200512-0638


CVE

CVE-2005-3782


TITLE

Mac OS X Bypass login to restart system vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200512-853

DESCRIPTION

Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. Apple Mac OS X Server is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users

Trust: 1.35

sources: NVD: CVE-2005-3782 // BID: 87970 // VULHUB: VHN-14990 // VULMON: CVE-2005-3782

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

sources: BID: 87970 // CNNVD: CNNVD-200512-853 // NVD: CVE-2005-3782

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3782
value: LOW

Trust: 1.0

CNNVD: CNNVD-200512-853
value: LOW

Trust: 0.6

VULHUB: VHN-14990
value: LOW

Trust: 0.1

VULMON: CVE-2005-3782
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2005-3782
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-14990
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14990 // VULMON: CVE-2005-3782 // CNNVD: CNNVD-200512-853 // NVD: CVE-2005-3782

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3782

THREAT TYPE

local

Trust: 0.9

sources: BID: 87970 // CNNVD: CNNVD-200512-853

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200512-853

EXTERNAL IDS

db:OSVDBid:20776

Trust: 2.1

db:NVDid:CVE-2005-3782

Trust: 2.1

db:CNNVDid:CNNVD-200512-853

Trust: 0.7

db:BIDid:87970

Trust: 0.4

db:VULHUBid:VHN-14990

Trust: 0.1

db:VULMONid:CVE-2005-3782

Trust: 0.1

sources: VULHUB: VHN-14990 // VULMON: CVE-2005-3782 // BID: 87970 // CNNVD: CNNVD-200512-853 // NVD: CVE-2005-3782

REFERENCES

url:http://www.osvdb.org/20776

Trust: 2.1

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-14990 // VULMON: CVE-2005-3782 // BID: 87970 // CNNVD: CNNVD-200512-853 // NVD: CVE-2005-3782

CREDITS

Unknown

Trust: 0.3

sources: BID: 87970

SOURCES

db:VULHUBid:VHN-14990
db:VULMONid:CVE-2005-3782
db:BIDid:87970
db:CNNVDid:CNNVD-200512-853
db:NVDid:CVE-2005-3782

LAST UPDATE DATE

2024-11-23T21:49:51.274000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-14990date:2008-09-05T00:00:00
db:VULMONid:CVE-2005-3782date:2008-09-05T00:00:00
db:BIDid:87970date:2005-12-31T00:00:00
db:CNNVDid:CNNVD-200512-853date:2006-05-22T00:00:00
db:NVDid:CVE-2005-3782date:2024-11-21T00:02:40.070

SOURCES RELEASE DATE

db:VULHUBid:VHN-14990date:2005-12-31T00:00:00
db:VULMONid:CVE-2005-3782date:2005-12-31T00:00:00
db:BIDid:87970date:2005-12-31T00:00:00
db:CNNVDid:CNNVD-200512-853date:2005-12-31T00:00:00
db:NVDid:CVE-2005-3782date:2005-12-31T05:00:00