2 matches found
CVE-2017-2488
CVE-2017-2488 concerns Apple Remote Desktop; a cryptographic weakness in the authentication protocol allowed an attacker to capture cleartext passwords. The issue was mitigated by implementing the Secure Remote Password authentication protocol and is fixed in Apple Remote Desktop 3.9. Remediation...
CVE-2006-4413
Apple Remote Desktop (ARD) prior to 3.1 is affected by insecure permissions on built-in packages, enabling local users on an ARD administration system to modify the packages and gain root privileges on client systems that use the packages. Root cause is insecure package permissions. No remediatio...