Sign-up

ID

VAR-200611-0008


CVE

CVE-2006-4413


TITLE

Apple Remote Desktop Vulnerabilities that modify packages

Trust: 0.8

sources: JVNDB: JVNDB-2006-001157

DESCRIPTION

Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages. Apple Remote Desktop is prone to an insecure-default-permissions vulnerability. Successfully exploiting this issue allows attackers to alter the contents of packages that may subsequently be installed on remote computers. This facilitates the complete compromise of remote computers controlled by the vulnerable Remote Desktop server computer. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. Successful exploitation may allow execution of arbitrary code with "root" privileges on client systems when installing or updating the software. SOLUTION: Update to version 3.1. ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=304824 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2006-4413 // JVNDB: JVNDB-2006-001157 // BID: 21139 // VULHUB: VHN-20521 // PACKETSTORM: 52215

AFFECTED PRODUCTS

vendor:applemodel:remote desktopscope:lteversion:3.0

Trust: 1.0

vendor:applemodel:remote desktopscope:eqversion:3.0

Trust: 0.9

vendor:applemodel:remote desktopscope:ltversion:3.1

Trust: 0.8

vendor:applemodel:remote desktopscope:neversion:3.1

Trust: 0.3

sources: BID: 21139 // JVNDB: JVNDB-2006-001157 // CNNVD: CNNVD-200611-292 // NVD: CVE-2006-4413

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-4413
value: HIGH

Trust: 1.0

NVD: CVE-2006-4413
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200611-292
value: HIGH

Trust: 0.6

VULHUB: VHN-20521
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-4413
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-20521
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-20521 // JVNDB: JVNDB-2006-001157 // CNNVD: CNNVD-200611-292 // NVD: CVE-2006-4413

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4413

THREAT TYPE

local

Trust: 0.9

sources: BID: 21139 // CNNVD: CNNVD-200611-292

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200611-292

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-001157

PATCH
title:APPLE-SA-2006-11-16url:http://lists.apple.com/archives/security-announce/2006/Nov/msg00000.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-001157

EXTERNAL IDS
db:NVDid:CVE-2006-4413
Trust: 2.8
db:BIDid:21139
Trust: 2.0
db:SECUNIAid:22982
Trust: 1.8
db:SECTRACKid:1017241
Trust: 1.7
db:VUPENid:ADV-2006-4567
Trust: 1.7
db:JVNDBid:JVNDB-2006-001157
Trust: 0.8
db:CNNVDid:CNNVD-200611-292
Trust: 0.7
db:APPLEid:APPLE-SA-2006-11-16
Trust: 0.6
db:VULHUBid:VHN-20521
Trust: 0.1
db:PACKETSTORMid:52215
Trust: 0.1
sources:
            
            
            VULHUB: VHN-20521 // 
            
            
            
            BID: 21139 // 
            
            
            
            JVNDB: JVNDB-2006-001157 // 
            
            
            
            PACKETSTORM: 52215 // 
            
            
            
            CNNVD: CNNVD-200611-292 // 
            
            
            
            NVD: CVE-2006-4413

REFERENCES
url:http://lists.apple.com/archives/security-announce/2006/nov/msg00000.html
Trust: 1.7
url:http://www.securityfocus.com/bid/21139
Trust: 1.7
url:http://securitytracker.com/id?1017241
Trust: 1.7
url:http://secunia.com/advisories/22982
Trust: 1.7
url:http://www.vupen.com/english/advisories/2006/4567
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4413
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4413
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2006/4567
Trust: 0.6
url:http://www.apple.com/remotedesktop/
Trust: 0.3
url:http://docs.info.apple.com/article.html?artnum=304824
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://www.apple.com/support/downloads/appleremotedesktop31admin.html
Trust: 0.1
url:http://www.apple.com/support/downloads/appleremotedesktop31client.html
Trust: 0.1
url:http://corporate.secunia.com/products/48/?r=l
Trust: 0.1
url:http://secunia.com/product/12647/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/22982/
Trust: 0.1
url:http://corporate.secunia.com/how_to_buy/15/?r=l
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-20521 // 
            
            
            
            BID: 21139 // 
            
            
            
            JVNDB: JVNDB-2006-001157 // 
            
            
            
            PACKETSTORM: 52215 // 
            
            
            
            CNNVD: CNNVD-200611-292 // 
            
            
            
            NVD: CVE-2006-4413

CREDITS
Andrew Mortensen of the University of Michigan reported this issue to the vendor.
Trust: 0.9
sources:
            
            
            BID: 21139 // 
            
            
            
            CNNVD: CNNVD-200611-292

SOURCES
db:VULHUBid:VHN-20521
db:BIDid:21139
db:JVNDBid:JVNDB-2006-001157
db:PACKETSTORMid:52215
db:CNNVDid:CNNVD-200611-292
db:NVDid:CVE-2006-4413

LAST UPDATE DATE
2024-08-14T15:35:54.799000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-20521date:2011-03-08T00:00:00
db:BIDid:21139date:2006-11-21T19:05:00
db:JVNDBid:JVNDB-2006-001157date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-292date:2006-11-20T00:00:00
db:NVDid:CVE-2006-4413date:2011-03-08T02:40:53.143

SOURCES RELEASE DATE
db:VULHUBid:VHN-20521date:2006-11-18T00:00:00
db:BIDid:21139date:2006-11-16T00:00:00
db:JVNDBid:JVNDB-2006-001157date:2012-06-26T00:00:00
db:PACKETSTORMid:52215date:2006-11-17T23:30:18
db:CNNVDid:CNNVD-200611-292date:2006-11-17T00:00:00
db:NVDid:CVE-2006-4413date:2006-11-18T01:07:00