Vulnerabilities > CVE-2006-4393 - Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Summary
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 8 |
Nessus
NASL family MacOS X Local Security Checks
NASL id MACOSX_10_4_8.NASL
description The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.8. Mac OS X 10.4.8 contains several security fixes for the following programs : - CFNetwork - Flash Player - ImageIO - Kernel - LoginWindow - Preferences - QuickDraw Manager - SASL - WebCore - Workgroup Manager
last seen 2020-06-01
modified 2020-06-02
plugin id 22476
published 2006-09-29
reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/22476
title Mac OS X 10.4.x < 10.4.8 Multiple Vulnerabilities
code
#
# (C) Tenable Network Security, Inc.
#

# Purpose: report a host whose recorded OS string is Mac OS X 10.4 through
# 10.4.7, i.e. one that lacks the 10.4.8 update. This is a version-only check.
# It does not inspect configuration, so it cannot tell whether Fast User
# Switching (the precondition the CVE-2006-4393 advisory names) is enabled.

# Exit when the scan engine does not provide the bn_random builtin.
# Presumably an engine-capability gate; confirm against the engine docs.
if ( ! defined_func("bn_random") ) exit(0);

include("compat.inc");

# Metadata pass: when `description` is set, the plugin only registers its
# attributes and exits; the detection logic below does not run in this pass.
if(description)
{
 script_id(22476);
 script_version ("1.18");
 # One plugin covers 15 CVEs; CVE-2006-4393 (LoginWindow) is one of them.
 # A hit means "10.4.8 is missing", not that each listed CVE is reachable.
 if ( NASL_LEVEL >= 3000 )
  script_cve_id("CVE-2006-4390", "CVE-2006-3311", "CVE-2006-3587", "CVE-2006-3588", "CVE-2006-4640", "CVE-2006-4391", "CVE-2006-4392", "CVE-2006-4397", "CVE-2006-4393", "CVE-2006-4394", "CVE-2006-4387", "CVE-2006-4395", "CVE-2006-1721", "CVE-2006-3946", "CVE-2006-4399");
 script_bugtraq_id(20271);
 # This guarded block holds only a comment, so it registers nothing.
 if ( NASL_LEVEL >= 3000 )
 {
  # nb: 29275 is invalid
 }
 script_name(english:"Mac OS X 10.4.x < 10.4.8 Multiple Vulnerabilities");
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update which fixes a security issue." );
 script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.8. 
Mac OS X 10.4.8 contains several security fixes for the following programs : - CFNetwork - Flash Player - ImageIO - Kernel - LoginWindow - Preferences - QuickDraw Manager - SASL - WebCore - Workgroup Manager" );
 script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=304460" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X 10.4.8 : http://www.apple.com/support/downloads/macosx1048updateintel.html http://www.apple.com/support/downloads/macosx1048updateppc.html http://www.apple.com/support/downloads/macosxserver1048update.html" );
 # The base vector is set once for the whole plugin: network vector, low
 # complexity, no authentication, complete C/I/A impact.
 # NOTE(review): this presumably reflects the most severe bundled CVE; confirm.
 # The advisory figures for CVE-2006-4393 alone are local vector, high
 # complexity and partial impacts, so triage per CVE, not by plugin severity.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 # Temporal vector: functional exploit, official fix, confirmed report.
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
 # The exploit attributes are also plugin-wide. Nothing here says which of
 # the bundled CVEs they refer to.
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"exploit_framework_core", value:"true");
 # CWE-264: Permissions, Privileges, and Access Controls.
 script_cwe_id(264);
 script_set_attribute(attribute:"plugin_publication_date", value: "2006/09/29");
 script_set_attribute(attribute:"vuln_publication_date", value: "2006/04/07");
 script_cvs_date("Date: 2018/07/14 1:59:35");
 # NOTE(review): the patch date below (2006/11/14) is later than the plugin
 # publication date (2006/09/29); confirm which is correct.
 script_set_attribute(attribute:"patch_publication_date", value: "2006/11/14");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_summary(english:"Check for the version of Mac OS X");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");
 script_dependencies("ssh_get_info.nasl","mdns.nasl", "ntp_open.nasl");
 # The package-list requirement is commented out, so the plugin is not
 # gated on "Host/MacOSX/packages" being present in the knowledge base.
 #script_require_keys("Host/MacOSX/packages");
 exit(0);
}

# Detection: prefer the "Host/MacOSX/Version" KB entry and fall back to
# "mDNS/os". Exit silently when neither is set.
# NOTE(review): the fallback presumably comes from the mdns.nasl dependency,
# i.e. an OS string the host advertises over the network rather than data
# read after login. Treat a finding from that path as lower confidence,
# even though plugin_type is "local"; confirm.
os = get_kb_item("Host/MacOSX/Version");
if ( ! os ) os = get_kb_item("mDNS/os");
if ( ! os ) exit(0);
# Matches "Mac OS X 10.4" at the very end of the string, or 10.4.1 to 10.4.7
# followed by a non-digit or end of string (so 10.4.10 and later do not match).
# NOTE(review): "Mac OS X 10.4" followed by anything other than ".N" does not
# match, so a bare 10.4 with trailing text would go unreported; verify the
# KB string format.
if ( ereg(pattern:"Mac OS X 10\.4($|\.[1-7]([^0-9]|$))", string:os)) security_hole(0);
NASL family MacOS X Local Security Checks
NASL id MACOSX_SECUPD2006-006.NASL
description The remote host is running a version of Mac OS X 10.3 which does not have the security update 2006-006 applied. Security Update 2006-006 contains several security fixes for the following programs : - CFNetwork - Flash Player - QuickDraw Manager - SASL - WebCore
last seen 2020-06-01
modified 2020-06-02
plugin id 22479
published 2006-09-29
reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/22479
title Mac OS X Multiple Vulnerabilities (Security Update 2006-006)
code
#
# (C) Tenable Network Security, Inc.
#

# Purpose: report a Mac OS X 10.3 host (Darwin 7.x) whose installed-package
# list shows none of the security updates accepted by the final check
# (2006-006, 2006-007 or 2007-003). It is a package-presence check only.

# Exit when the scan engine does not provide the bn_random builtin.
# Presumably an engine-capability gate; confirm against the engine docs.
if ( ! defined_func("bn_random") ) exit(0);

include("compat.inc");

# Metadata pass: when `description` is set, the plugin only registers its
# attributes and exits; the detection logic below does not run in this pass.
if(description)
{
 script_id(22479);
 script_version ("1.18");
 script_cvs_date("Date: 2018/07/14 1:59:35");

 # NOTE(review): this list includes CVE-2006-4393, but the description below
 # names no LoginWindow fix, and that CVE's advisory text scopes it to
 # Mac OS X 10.4 through 10.4.7. A hit on a 10.3 host is therefore not, by
 # itself, evidence of exposure to CVE-2006-4393; confirm against the
 # vendor advisory.
 script_cve_id("CVE-2006-1721", "CVE-2006-3311", "CVE-2006-3587", "CVE-2006-3588", "CVE-2006-3946", "CVE-2006-4387", "CVE-2006-4390", "CVE-2006-4391", "CVE-2006-4392", "CVE-2006-4393", "CVE-2006-4394", "CVE-2006-4395", "CVE-2006-4397", "CVE-2006-4399", "CVE-2006-4640");
 script_bugtraq_id(20271);

 script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2006-006)");
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update which fixes a security issue." );
 script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.3 which does not have the security update 2006-006 applied. 
Security Update 2006-006 contains several security fixes for the following programs : - CFNetwork - Flash Player - QuickDraw Manager - SASL - WebCore" );
 # NOTE(review): the solution text and links point at the 10.4.8 updaters,
 # while the check and description concern Security Update 2006-006 on
 # 10.3. Confirm the intended remediation wording.
 script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X 10.4.8 : http://www.apple.com/support/downloads/macosx1048updateintel.html http://www.apple.com/support/downloads/macosx1048updateppc.html" );
 # The base vector is set once for the whole plugin: network vector, low
 # complexity, no authentication, complete C/I/A impact.
 # NOTE(review): this presumably reflects the most severe bundled CVE; confirm.
 # Triage each listed CVE on its own figures, not by plugin severity.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 # Temporal vector: functional exploit, official fix, confirmed report.
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
 # The exploit attributes are also plugin-wide. Nothing here says which of
 # the bundled CVEs they refer to.
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"exploit_framework_core", value:"true");
 # CWE-264: Permissions, Privileges, and Access Controls.
 script_cwe_id(264);
 script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=304460" );
 script_set_attribute(attribute:"plugin_publication_date", value: "2006/09/29");
 script_set_attribute(attribute:"vuln_publication_date", value: "2006/07/31");
 script_set_attribute(attribute:"patch_publication_date", value: "2006/09/29");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_summary(english:"Check for the version of Mac OS X");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");
 script_dependencies("ssh_get_info.nasl","mdns.nasl", "ntp_open.nasl");
 # The installed-package list must already be in the knowledge base.
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}

# Detection: exit silently when no package list was collected, so "no
# finding" can also mean "no data". Check scan credentials before treating
# a clean result as proof the host is patched.
packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);

# Only hosts whose uname string shows Darwin 7.x are evaluated; the plugin
# description ties this to Mac OS X 10.3. Any other uname reports nothing.
uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* 7\.[0-9]\.", string:uname) )
{
  # Report unless a package entry starts with SecUpd or SecUpdSrvr followed
  # by 2006-006, 2006-007 or 2007-003. The later updates are accepted too,
  # presumably because they supersede 2006-006; confirm.
  if (!egrep(pattern:"^SecUpd(Srvr)?(2006-00[67]|2007-003)", string:packages)) security_hole(0);
}
References
- http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
- http://secunia.com/advisories/22187
- http://securitytracker.com/id?1016959
- http://www.osvdb.org/29271
- http://www.securityfocus.com/bid/20271
- http://www.vupen.com/english/advisories/2006/3852
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29290