[email protected]CVE-2008-4223

HistoryDec 17, 2008 - 1:30 a.m.

CVE-2008-4223

2008-12-1701:30:00

CWE-287

[email protected]

web.nvd.nist.gov

podcast producer

apple

mac os x

authentication bypass

cve-2008-4223

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.023 Low

EPSS

Percentile

89.5%

JSON

Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.

CPENameOperatorVersion
apple:mac_os_x_serverapple mac os x servereq10.5.2
apple:mac_os_x_serverapple mac os x serverle10.5.5
apple:mac_os_x_serverapple mac os x servereq10.5.1
apple:mac_os_x_serverapple mac os x servereq10.5.3
apple:mac_os_x_serverapple mac os x servereq10.5.4
apple:mac_os_x_serverapple mac os x servereq10.5

CPE	Name	Operator	Version
apple:mac_os_x_server	apple mac os x server	eq	10.5.2
apple:mac_os_x_server	apple mac os x server	le	10.5.5
apple:mac_os_x_server	apple mac os x server	eq	10.5.1
apple:mac_os_x_server	apple mac os x server	eq	10.5.3
apple:mac_os_x_server	apple mac os x server	eq	10.5.4
apple:mac_os_x_server	apple mac os x server	eq	10.5

References

lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

secunia.com/advisories/33179

support.apple.com/kb/HT3338

www.securityfocus.com/bid/32839

www.securityfocus.com/bid/32870

www.securitytracker.com/id?1021409

www.us-cert.gov/cas/techalerts/TA08-350A.html

www.vupen.com/english/advisories/2008/3444

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.023 Low

EPSS

Percentile

89.5%

JSON

Related for CVE-2008-4223

prion1 openvas2 nessus1 securityvulns2