ID

VAR-200609-1302


CVE

CVE-2006-4411


TITLE

OpenSSL SSLv2 client code fails to properly check for NULL

Trust: 0.8

sources: CERT/CC: VU#386964

DESCRIPTION

The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues

Trust: 4.14

sources: NVD: CVE-2006-4411 // CERT/CC: VU#386964 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // JVNDB: JVNDB-2006-001156 // BID: 21335 // VULHUB: VHN-20519

AFFECTED PRODUCTS

vendor:debian gnu linuxmodel: - scope: - version: -

Trust: 2.4

vendor:f5model: - scope: - version: -

Trust: 2.4

vendor:freebsdmodel: - scope: - version: -

Trust: 2.4

vendor:openpkgmodel: - scope: - version: -

Trust: 2.4

vendor:opensslmodel: - scope: - version: -

Trust: 2.4

vendor:oraclemodel: - scope: - version: -

Trust: 2.4

vendor:red hatmodel: - scope: - version: -

Trust: 2.4

vendor:suse linuxmodel: - scope: - version: -

Trust: 2.4

vendor:slackware linuxmodel: - scope: - version: -

Trust: 2.4

vendor:ubuntumodel: - scope: - version: -

Trust: 2.4

vendor:rpathmodel: - scope: - version: -

Trust: 2.4

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.8

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.7

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.3.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.3

Trust: 1.0

vendor:appgate network securitymodel: - scope: - version: -

Trust: 0.8

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:attachmatewrqmodel: - scope: - version: -

Trust: 0.8

vendor:avayamodel: - scope: - version: -

Trust: 0.8

vendor:blue coatmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:gnutlsmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:iaik java groupmodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:internet consortiummodel: - scope: - version: -

Trust: 0.8

vendor:intotomodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:mozillamodel: - scope: - version: -

Trust: 0.8

vendor:openwall gnu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:operamodel: - scope: - version: -

Trust: 0.8

vendor:rsa securitymodel: - scope: - version: -

Trust: 0.8

vendor:ssh security corpmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:sybasemodel: - scope: - version: -

Trust: 0.8

vendor:vmwaremodel: - scope: - version: -

Trust: 0.8

vendor:vandykemodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.3.x to 10.3.9

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:and 10.4.x to 10.4.8

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:cosmicperlmodel:directory proscope:eqversion:10.0.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.03

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1

Trust: 0.3

sources: CERT/CC: VU#386964 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // BID: 21335 // JVNDB: JVNDB-2006-001156 // CNNVD: CNNVD-200611-513 // NVD: CVE-2006-4411

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-4411
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#386964
value: 0.32

Trust: 0.8

CARNEGIE MELLON: VU#845620
value: 7.56

Trust: 0.8

CARNEGIE MELLON: VU#547300
value: 2.53

Trust: 0.8

NVD: CVE-2006-4411
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200611-513
value: HIGH

Trust: 0.6

VULHUB: VHN-20519
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-4411
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-20519
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#386964 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20519 // JVNDB: JVNDB-2006-001156 // CNNVD: CNNVD-200611-513 // NVD: CVE-2006-4411

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4411

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200611-513

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200611-513

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001156

PATCH

title:APPLE-SA-2006-11-28url:http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-001156

EXTERNAL IDS

db:NVDid:CVE-2006-4411

Trust: 2.8

db:USCERTid:TA06-333A

Trust: 2.8

db:BIDid:22083

Trust: 2.4

db:BIDid:21335

Trust: 2.0

db:SECUNIAid:23155

Trust: 1.7

db:VUPENid:ADV-2006-4750

Trust: 1.7

db:SECTRACKid:1017304

Trust: 1.7

db:OSVDBid:30727

Trust: 1.7

db:SECUNIAid:23280

Trust: 1.6

db:SECUNIAid:23309

Trust: 1.6

db:BIDid:20246

Trust: 0.8

db:CERT/CCid:VU#386964

Trust: 0.8

db:SECUNIAid:21709

Trust: 0.8

db:CERT/CCid:VU#845620

Trust: 0.8

db:SECUNIAid:22207

Trust: 0.8

db:SECUNIAid:22212

Trust: 0.8

db:SECUNIAid:22116

Trust: 0.8

db:SECUNIAid:22216

Trust: 0.8

db:SECUNIAid:22220

Trust: 0.8

db:SECUNIAid:22330

Trust: 0.8

db:SECUNIAid:22130

Trust: 0.8

db:SECUNIAid:22240

Trust: 0.8

db:SECUNIAid:22259

Trust: 0.8

db:SECUNIAid:22260

Trust: 0.8

db:SECUNIAid:22165

Trust: 0.8

db:SECUNIAid:22166

Trust: 0.8

db:SECUNIAid:22172

Trust: 0.8

db:SECUNIAid:22284

Trust: 0.8

db:SECUNIAid:22186

Trust: 0.8

db:SECUNIAid:22193

Trust: 0.8

db:SECUNIAid:22094

Trust: 0.8

db:BIDid:20249

Trust: 0.8

db:SECTRACKid:1016943

Trust: 0.8

db:XFid:29237

Trust: 0.8

db:CERT/CCid:VU#547300

Trust: 0.8

db:JVNDBid:JVNDB-2006-001156

Trust: 0.8

db:CNNVDid:CNNVD-200611-513

Trust: 0.7

db:CERT/CCid:TA06-333A

Trust: 0.6

db:APPLEid:APPLE-SA-2006-11-28

Trust: 0.6

db:VULHUBid:VHN-20519

Trust: 0.1

sources: CERT/CC: VU#386964 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20519 // BID: 21335 // JVNDB: JVNDB-2006-001156 // CNNVD: CNNVD-200611-513 // NVD: CVE-2006-4411

REFERENCES

url:http://www.us-cert.gov/cas/techalerts/ta06-333a.html

Trust: 2.8

url:http://www.securityfocus.com/bid/22083

Trust: 2.4

url:http://docs.info.apple.com/article.html?artnum=304829

Trust: 2.0

url:http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html

Trust: 1.7

url:http://www.securityfocus.com/bid/21335

Trust: 1.7

url:http://www.osvdb.org/30727

Trust: 1.7

url:http://securitytracker.com/id?1017304

Trust: 1.7

url:http://secunia.com/advisories/23155

Trust: 1.7

url:http://www.openssl.org/news/secadv_20060928.txt

Trust: 1.6

url:http://secunia.com/advisories/23280/

Trust: 1.6

url:http://secunia.com/advisories/23309/

Trust: 1.6

url:http://www.vupen.com/english/advisories/2006/4750

Trust: 1.1

url:http://jvn.jp/cert/jvnvu%23386964/index.html

Trust: 0.8

url:http://www.securityfocus.com/bid/20246

Trust: 0.8

url:http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html

Trust: 0.8

url:http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/

Trust: 0.8

url:http://www.openssl.org/news/secadv_20060905.txt

Trust: 0.8

url:http://secunia.com/advisories/21709/

Trust: 0.8

url:http://www.rsasecurity.com/rsalabs/node.asp?id=2125

Trust: 0.8

url:http://www.ietf.org/rfc/rfc3447.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnvu%23547300/index.html

Trust: 0.8

url:http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html

Trust: 0.8

url:https://issues.rpath.com/browse/rpl-613

Trust: 0.8

url:http://www.openssl.org/news/secadv_20060928.txt

Trust: 0.8

url:http://kolab.org/security/kolab-vendor-notice-11.txt

Trust: 0.8

url:http://openvpn.net/changelog.html

Trust: 0.8

url:http://www.serv-u.com/releasenotes/

Trust: 0.8

url:http://openbsd.org/errata.html#openssl2

Trust: 0.8

url:http://www.securityfocus.com/bid/20249

Trust: 0.8

url:http://securitytracker.com/id?1016943

Trust: 0.8

url:http://secunia.com/advisories/22130

Trust: 0.8

url:http://secunia.com/advisories/22094

Trust: 0.8

url:http://secunia.com/advisories/22165

Trust: 0.8

url:http://secunia.com/advisories/22186

Trust: 0.8

url:http://secunia.com/advisories/22193

Trust: 0.8

url:http://secunia.com/advisories/22207

Trust: 0.8

url:http://secunia.com/advisories/22259

Trust: 0.8

url:http://secunia.com/advisories/22260

Trust: 0.8

url:http://secunia.com/advisories/22166

Trust: 0.8

url:http://secunia.com/advisories/22172

Trust: 0.8

url:http://secunia.com/advisories/22212

Trust: 0.8

url:http://secunia.com/advisories/22240

Trust: 0.8

url:http://secunia.com/advisories/22216

Trust: 0.8

url:http://secunia.com/advisories/22116

Trust: 0.8

url:http://secunia.com/advisories/22220

Trust: 0.8

url:http://secunia.com/advisories/22284

Trust: 0.8

url:http://secunia.com/advisories/22330

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/29237

Trust: 0.8

url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4411

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4411

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/4750

Trust: 0.6

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:http://www.apple.com/macosx/

Trust: 0.3

url:http://labs.musecurity.com/advisories/mu-200611-01.txt

Trust: 0.3

sources: CERT/CC: VU#386964 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20519 // BID: 21335 // JVNDB: JVNDB-2006-001156 // CNNVD: CNNVD-200611-513 // NVD: CVE-2006-4411

CREDITS

Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim※ darksock@uhagr.org

Trust: 0.6

sources: CNNVD: CNNVD-200611-513

SOURCES

db:CERT/CCid:VU#386964
db:CERT/CCid:VU#845620
db:CERT/CCid:VU#547300
db:VULHUBid:VHN-20519
db:BIDid:21335
db:JVNDBid:JVNDB-2006-001156
db:CNNVDid:CNNVD-200611-513
db:NVDid:CVE-2006-4411

LAST UPDATE DATE

2024-11-23T20:19:54.970000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#386964date:2011-07-22T00:00:00
db:CERT/CCid:VU#845620date:2007-02-08T00:00:00
db:CERT/CCid:VU#547300date:2011-07-22T00:00:00
db:VULHUBid:VHN-20519date:2011-03-08T00:00:00
db:BIDid:21335date:2006-11-30T20:25:00
db:JVNDBid:JVNDB-2006-001156date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-513date:2006-12-12T00:00:00
db:NVDid:CVE-2006-4411date:2024-11-21T00:15:53.380

SOURCES RELEASE DATE

db:CERT/CCid:VU#386964date:2006-09-28T00:00:00
db:CERT/CCid:VU#845620date:2006-09-11T00:00:00
db:CERT/CCid:VU#547300date:2006-09-28T00:00:00
db:VULHUBid:VHN-20519date:2006-11-30T00:00:00
db:BIDid:21335date:2006-11-28T00:00:00
db:JVNDBid:JVNDB-2006-001156date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-513date:2006-11-30T00:00:00
db:NVDid:CVE-2006-4411date:2006-11-30T16:28:00