Lucene search
HistoryNov 10, 2009 - 7:30 p.m.
CVE-2009-2818
cve
2009
2818
apple
mac os x
ssh
login
vulnerability
adaptive firewall
brute-force attack
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.3%
Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack).
Affected configurations
Node
applemac_os_x_serverRange≤10.6.1
ORapplemac_os_x_serverMatch10.0
ORapplemac_os_x_serverMatch10.0.0
ORapplemac_os_x_serverMatch10.0.1
ORapplemac_os_x_serverMatch10.0.2
ORapplemac_os_x_serverMatch10.0.3
ORapplemac_os_x_serverMatch10.0.4
ORapplemac_os_x_serverMatch10.1
ORapplemac_os_x_serverMatch10.1.0
ORapplemac_os_x_serverMatch10.1.1
ORapplemac_os_x_serverMatch10.1.2
ORapplemac_os_x_serverMatch10.1.3
ORapplemac_os_x_serverMatch10.1.4
ORapplemac_os_x_serverMatch10.1.5
ORapplemac_os_x_serverMatch10.2
ORapplemac_os_x_serverMatch10.2.0
ORapplemac_os_x_serverMatch10.2.1
ORapplemac_os_x_serverMatch10.2.2
ORapplemac_os_x_serverMatch10.2.3
ORapplemac_os_x_serverMatch10.2.4
ORapplemac_os_x_serverMatch10.2.5
ORapplemac_os_x_serverMatch10.2.6
ORapplemac_os_x_serverMatch10.2.7
ORapplemac_os_x_serverMatch10.2.8
ORapplemac_os_x_serverMatch10.3
ORapplemac_os_x_serverMatch10.3.0
ORapplemac_os_x_serverMatch10.3.1
ORapplemac_os_x_serverMatch10.3.2
ORapplemac_os_x_serverMatch10.3.3
ORapplemac_os_x_serverMatch10.3.4
ORapplemac_os_x_serverMatch10.3.5
ORapplemac_os_x_serverMatch10.3.6
ORapplemac_os_x_serverMatch10.3.7
ORapplemac_os_x_serverMatch10.3.8
ORapplemac_os_x_serverMatch10.3.9
ORapplemac_os_x_serverMatch10.4
ORapplemac_os_x_serverMatch10.4.0
ORapplemac_os_x_serverMatch10.4.1
ORapplemac_os_x_serverMatch10.4.2
ORapplemac_os_x_serverMatch10.4.3
ORapplemac_os_x_serverMatch10.4.4
ORapplemac_os_x_serverMatch10.4.5
ORapplemac_os_x_serverMatch10.4.6
ORapplemac_os_x_serverMatch10.4.7
ORapplemac_os_x_serverMatch10.4.8
ORapplemac_os_x_serverMatch10.4.9
ORapplemac_os_x_serverMatch10.4.10
ORapplemac_os_x_serverMatch10.4.11
ORapplemac_os_x_serverMatch10.5
ORapplemac_os_x_serverMatch10.5.0
ORapplemac_os_x_serverMatch10.5.1
ORapplemac_os_x_serverMatch10.5.2
ORapplemac_os_x_serverMatch10.5.3
ORapplemac_os_x_serverMatch10.5.4
ORapplemac_os_x_serverMatch10.5.5
ORapplemac_os_x_serverMatch10.5.6
ORapplemac_os_x_serverMatch10.5.7
ORapplemac_os_x_serverMatch10.5.8
ORapplemac_os_x_serverMatch10.6
Related
nvd
nvd
CVE-2009-2818
2009-11-10 19:30:01
cvelist
cvelist
CVE-2009-2818
2009-11-10 19:00:00
prion
prion
Design/Logic Flaw
2009-11-10 19:30:00
seebug
seebug
Apple Mac OS X 2009-006更新修复多个安全漏洞
2009-11-10 00:00:00
nessus
nessus
Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities
2009-11-09 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2009-006)
2009-11-09 00:00:00
openvas
openvas
Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006
2010-05-12 00:00:00
Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006
2010-05-12 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.3%
Related for CVE-2009-2818