Vulnerabilities > CVE-2005-3782 - Denial-Of-Service vulnerability in Apple Mac OS X Server

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

apple

NVD

Published: 2005-12-31

Updated: 2008-09-05

Summary

Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X 10.4.3 Apple MAC OS X 10.4.4 Apple MAC OS X 10.4.5 Apple MAC OS X 10.4.6 Apple MAC OS X Server 10.4.3 Apple MAC OS X Server 10.4.4 Apple MAC OS X Server 10.4.5 Apple MAC OS X Server 10.4.6	8

References

http://www.osvdb.org/20776