Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2006-4409 (GCVE-0-2006-4409)
Vulnerability from cvelistv5 – Published: 2006-11-30 16:00 – Updated: 2024-08-07 19:06
VLAI?
EPSS
Summary
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-4750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "21335",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21335"
},
{
"name": "30729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30729"
},
{
"name": "1017298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017298"
},
{
"name": "23155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23155"
},
{
"name": "APPLE-SA-2006-11-28",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "VU#811384",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/811384"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-04T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-4750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "21335",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21335"
},
{
"name": "30729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30729"
},
{
"name": "1017298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017298"
},
{
"name": "23155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23155"
},
{
"name": "APPLE-SA-2006-11-28",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "VU#811384",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/811384"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4750",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=304829",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "21335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21335"
},
{
"name": "30729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30729"
},
{
"name": "1017298",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017298"
},
{
"name": "23155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23155"
},
{
"name": "APPLE-SA-2006-11-28",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "VU#811384",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/811384"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4409",
"datePublished": "2006-11-30T16:00:00",
"dateReserved": "2006-08-28T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0760FDDB-38D3-4263-9B4D-1AF5E613A4F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFD4DE58-46C7-4E69-BF36-C5FD768B8248\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF824694-52DE-44E3-ACAD-60B2A84CD3CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B73A0891-A37A-4E0D-AA73-B18BFD6B1447\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C580935-0091-4163-B747-750FB7686973\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB0F2132-8431-4CEF-9A3D-A69425E3834E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8719F3C4-F1DE-49B5-9301-22414A2B6F9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09ED46A8-1739-411C-8807-2A416BDB6DFE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.\"}, {\"lang\": \"es\", \"value\": \"El servicio Online Certificate Status Protocol (OCSP) en el Security Framework en Apple Mac OS X 10.4 hasta 10.4.8 recupera listas de revocaci\\u00f3n de certificados (CRL) cuando un proxy HTTP est\\u00e1 en uso, lo cual podr\\u00eda causar que el sistema acepte certificados que han sido revocados.\"}]",
"id": "CVE-2006-4409",
"lastModified": "2024-11-21T00:15:53.100",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2006-11-30T16:28:00.000",
"references": "[{\"url\": \"http://docs.info.apple.com/article.html?artnum=304829\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23155\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1017298\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/811384\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/30729\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/21335\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-333A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4750\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=304829\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1017298\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/811384\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/30729\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/21335\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-333A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4750\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2006-4409\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-11-30T16:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.\"},{\"lang\":\"es\",\"value\":\"El servicio Online Certificate Status Protocol (OCSP) en el Security Framework en Apple Mac OS X 10.4 hasta 10.4.8 recupera listas de revocaci\u00f3n de certificados (CRL) cuando un proxy HTTP est\u00e1 en uso, lo cual podr\u00eda causar que el sistema acepte certificados que han sido revocados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0760FDDB-38D3-4263-9B4D-1AF5E613A4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD4DE58-46C7-4E69-BF36-C5FD768B8248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF824694-52DE-44E3-ACAD-60B2A84CD3CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73A0891-A37A-4E0D-AA73-B18BFD6B1447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C580935-0091-4163-B747-750FB7686973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0F2132-8431-4CEF-9A3D-A69425E3834E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8719F3C4-F1DE-49B5-9301-22414A2B6F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09ED46A8-1739-411C-8807-2A416BDB6DFE\"}]}]}],\"references\":[{\"url\":\"http://docs.info.apple.com/article.html?artnum=304829\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23155\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1017298\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/811384\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/30729\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/21335\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-333A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4750\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=304829\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1017298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/811384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/30729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21335\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-333A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
VAR-200609-1413
Vulnerability from variot - Updated: 2024-07-23 20:13The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.4 to 10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim\u203b darksock@uhagr.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-20517",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#811384",
"trust": 0.8,
"value": "0.22"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20517",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. \nApple Mac OS X 10.4.8 and prior versions are vulnerable to these issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#811384",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4409",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 2.5
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "21335",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1017298",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30729",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-333A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-11-28",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-20517",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"id": "VAR-200609-1413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:13:03.726000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2006-11-28",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 2.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21335"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30729"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017298"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4750"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://labs.musecurity.com/advisories/mu-200611-01.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-28T00:00:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2006-11-30T16:28:00",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-30T20:25:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2011-03-08T02:40:52.830000",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
}
}
VAR-200609-0855
Vulnerability from variot - Updated: 2024-06-17 03:48The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0855",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.4 to 10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim\u203b darksock@uhagr.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-20517",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#811384",
"trust": 0.8,
"value": "0.22"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20517",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. \nApple Mac OS X 10.4.8 and prior versions are vulnerable to these issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#811384",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4409",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 2.5
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "21335",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1017298",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30729",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-333A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-11-28",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-20517",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"id": "VAR-200609-0855",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 0.01
},
"last_update_date": "2024-06-17T03:48:59.542000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2006-11-28",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 2.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21335"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30729"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017298"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4750"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://labs.musecurity.com/advisories/mu-200611-01.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-28T00:00:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2006-11-30T16:28:00",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-30T20:25:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2011-03-08T02:40:52.830000",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
}
}
VAR-200609-0665
Vulnerability from variot - Updated: 2024-06-17 10:22The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0665",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.4 to 10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim\u203b darksock@uhagr.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-20517",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#811384",
"trust": 0.8,
"value": "0.22"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20517",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. \nApple Mac OS X 10.4.8 and prior versions are vulnerable to these issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#811384",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4409",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 2.5
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "21335",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1017298",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30729",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-333A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-11-28",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-20517",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"id": "VAR-200609-0665",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 0.01
},
"last_update_date": "2024-06-17T10:22:52.185000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2006-11-28",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 2.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21335"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30729"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017298"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4750"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://labs.musecurity.com/advisories/mu-200611-01.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-28T00:00:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2006-11-30T16:28:00",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-30T20:25:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2011-03-08T02:40:52.830000",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
}
}
VAR-200609-1258
Vulnerability from variot - Updated: 2024-07-22 22:43The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.4 to 10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim\u203b darksock@uhagr.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-20517",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#811384",
"trust": 0.8,
"value": "0.22"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20517",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. \nApple Mac OS X 10.4.8 and prior versions are vulnerable to these issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#811384",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4409",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 2.5
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "21335",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1017298",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30729",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-333A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-11-28",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-20517",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"id": "VAR-200609-1258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-22T22:43:28.665000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2006-11-28",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 2.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21335"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30729"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017298"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4750"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://labs.musecurity.com/advisories/mu-200611-01.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-28T00:00:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2006-11-30T16:28:00",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-30T20:25:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2011-03-08T02:40:52.830000",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
}
}
VAR-200609-0889
Vulnerability from variot - Updated: 2024-06-16 10:22The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0889",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.4 to 10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim\u203b darksock@uhagr.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-20517",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#811384",
"trust": 0.8,
"value": "0.22"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20517",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. \nApple Mac OS X 10.4.8 and prior versions are vulnerable to these issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#811384",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4409",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 2.5
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "21335",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1017298",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30729",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-333A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-11-28",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-20517",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"id": "VAR-200609-0889",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20517"
}
],
"trust": 0.01
},
"last_update_date": "2024-06-16T10:22:02.671000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2006-11-28",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 2.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21335"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30729"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017298"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4750"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://labs.musecurity.com/advisories/mu-200611-01.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#811384"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "VULHUB",
"id": "VHN-20517"
},
{
"db": "BID",
"id": "21335"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-28T00:00:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2006-11-30T16:28:00",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#811384"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20517"
},
{
"date": "2006-11-30T20:25:00",
"db": "BID",
"id": "21335"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001154"
},
{
"date": "2006-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-479"
},
{
"date": "2011-03-08T02:40:52.830000",
"db": "NVD",
"id": "CVE-2006-4409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-479"
}
],
"trust": 0.6
}
}
CERTA-2006-AVI-517
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Certaines pourraient, si elles sont exploitées par une personne malveillante, provoquer l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Parmi celles-ci :
- une vulnérabilité des pilotes de cartes sans-fil Airport : ils n'interpreteraient pas correctement des paquets répondant à une requête de sondage (de type Probe). Une personne malveillante pourrait donc émettre un paquet malformé, en réponse à une requête, afin de provoquer l'exécution de commandes arbitraires à distance. Les solutions de sécurité comme WPA, VPN, 802.11i ne protègent pas de cette catégorie d'attaques visant directement le pilote de la carte réseau. Le CERTA mentionne ce problème dans le bulletin d'actualité CERTA-2006-ACT-046 ;
- une vulnérabilité de CFNetwork : les URI (pour Uniform Resource Identifier) FTP ne sont pas validées correctement. Une personne pourrait, en visitant un site FTP construit de manière malveillante, lancer à son insu des commandes FTP contre un site tiers ;
- plusieurs vulnérabilités dans clamAV pour Mac OS X Server ;
- des vulnérabilités dans OpenSSL pour MacOS. Celles-ci ont été abordées dans des avis du CERTA, notamment CERTA-2006-AVI-421 et CERTA-2006-AVI-448 ;
- des vulnérabilités de PHP : certaines ont été décrites dans l'avis du CERTA CERTA-2006-AVI-481 ;
- une vulnérabilité de PPP : une personne malveillante pourrait, sur le même réseau qu'une machine vulnérable, envoyer un paquet spécialement conçu, afin de perturber PPPoE. Cela permettrait sous certaines conditions d'exécuter des commandes arbitraires à distance. PPPoE n'est cependant pas activé par défaut.
Solution
Se référer au bulletin de sécurité de l'éditeur Apple pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apple Mac OS X Server v10.3.9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X v10.4.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X Server v10.4.8.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X v10.3.9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Parmi celles-ci :\n\n- une vuln\u00e9rabilit\u00e9 des pilotes de cartes sans-fil Airport : ils\n n\u0027interpreteraient pas correctement des paquets r\u00e9pondant \u00e0 une\n requ\u00eate de sondage (de type Probe). Une personne malveillante\n pourrait donc \u00e9mettre un paquet malform\u00e9, en r\u00e9ponse \u00e0 une requ\u00eate,\n afin de provoquer l\u0027ex\u00e9cution de commandes arbitraires \u00e0 distance.\n Les solutions de s\u00e9curit\u00e9 comme WPA, VPN, 802.11i ne prot\u00e8gent pas\n de cette cat\u00e9gorie d\u0027attaques visant directement le pilote de la\n carte r\u00e9seau. Le CERTA mentionne ce probl\u00e8me dans le bulletin\n d\u0027actualit\u00e9 CERTA-2006-ACT-046 ;\n- une vuln\u00e9rabilit\u00e9 de CFNetwork : les URI (pour Uniform Resource\n Identifier) FTP ne sont pas valid\u00e9es correctement. Une personne\n pourrait, en visitant un site FTP construit de mani\u00e8re malveillante,\n lancer \u00e0 son insu des commandes FTP contre un site tiers ;\n- plusieurs vuln\u00e9rabilit\u00e9s dans clamAV pour Mac OS X Server ;\n- des vuln\u00e9rabilit\u00e9s dans OpenSSL pour MacOS. Celles-ci ont \u00e9t\u00e9\n abord\u00e9es dans des avis du CERTA, notamment CERTA-2006-AVI-421 et\n CERTA-2006-AVI-448 ;\n- des vuln\u00e9rabilit\u00e9s de PHP : certaines ont \u00e9t\u00e9 d\u00e9crites dans l\u0027avis\n du CERTA CERTA-2006-AVI-481 ;\n- une vuln\u00e9rabilit\u00e9 de PPP : une personne malveillante pourrait, sur\n le m\u00eame r\u00e9seau qu\u0027une machine vuln\u00e9rable, envoyer un paquet\n sp\u00e9cialement con\u00e7u, afin de perturber PPPoE. Cela permettrait sous\n certaines conditions d\u0027ex\u00e9cuter des commandes arbitraires \u00e0\n distance. PPPoE n\u0027est cependant pas activ\u00e9 par d\u00e9faut.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur Apple pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-4339",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4339"
},
{
"name": "CVE-2006-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1990"
},
{
"name": "CVE-2006-4398",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4398"
},
{
"name": "CVE-2006-5465",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5465"
},
{
"name": "CVE-2006-4403",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4403"
},
{
"name": "CVE-2006-2940",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2940"
},
{
"name": "CVE-2006-4182",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4182"
},
{
"name": "CVE-2006-4404",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4404"
},
{
"name": "CVE-2006-4334",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4334"
},
{
"name": "CVE-2006-4343",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4343"
},
{
"name": "CVE-2006-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4408"
},
{
"name": "CVE-2006-4335",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4335"
},
{
"name": "CVE-2006-4396",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4396"
},
{
"name": "CVE-2006-4401",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4401"
},
{
"name": "CVE-2006-4407",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4407"
},
{
"name": "CVE-2006-3403",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
},
{
"name": "CVE-2006-4400",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4400"
},
{
"name": "CVE-2006-4336",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4336"
},
{
"name": "CVE-2006-4337",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4337"
},
{
"name": "CVE-2006-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4402"
},
{
"name": "CVE-2006-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3738"
},
{
"name": "CVE-2006-1490",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1490"
},
{
"name": "CVE-2006-2937",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2937"
},
{
"name": "CVE-2006-4409",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4409"
},
{
"name": "CVE-2006-4410",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4410"
},
{
"name": "CVE-2006-4411",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4411"
},
{
"name": "CVE-2006-5710",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5710"
},
{
"name": "CVE-2006-4338",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4338"
},
{
"name": "CVE-2006-4412",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4412"
},
{
"name": "CVE-2006-3962",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3962"
},
{
"name": "CVE-2006-4406",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4406"
}
],
"links": [
{
"title": "Bulletin d\u0027actualit\u00e9 du CERTA CERTA-2006-ACT-046 du 17 novembre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-ACT-046.pdf"
},
{
"title": "Avis du CERTA CERTA-2006-AVI-448 du 11 octobre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-448/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2006-007 du 28 novembre 2006 :",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"title": "Avis du CERTA CERTA-2006-AVI-421 du 03 octobre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-421/"
}
],
"reference": "CERTA-2006-AVI-517",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Certaines pourraient, si elles sont\nexploit\u00e9es par une personne malveillante, provoquer l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de mises \u00e0 jour Apple 2006-007 du 28 novembre 2006",
"url": null
}
]
}
CERTA-2006-AVI-517
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Certaines pourraient, si elles sont exploitées par une personne malveillante, provoquer l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Parmi celles-ci :
- une vulnérabilité des pilotes de cartes sans-fil Airport : ils n'interpreteraient pas correctement des paquets répondant à une requête de sondage (de type Probe). Une personne malveillante pourrait donc émettre un paquet malformé, en réponse à une requête, afin de provoquer l'exécution de commandes arbitraires à distance. Les solutions de sécurité comme WPA, VPN, 802.11i ne protègent pas de cette catégorie d'attaques visant directement le pilote de la carte réseau. Le CERTA mentionne ce problème dans le bulletin d'actualité CERTA-2006-ACT-046 ;
- une vulnérabilité de CFNetwork : les URI (pour Uniform Resource Identifier) FTP ne sont pas validées correctement. Une personne pourrait, en visitant un site FTP construit de manière malveillante, lancer à son insu des commandes FTP contre un site tiers ;
- plusieurs vulnérabilités dans clamAV pour Mac OS X Server ;
- des vulnérabilités dans OpenSSL pour MacOS. Celles-ci ont été abordées dans des avis du CERTA, notamment CERTA-2006-AVI-421 et CERTA-2006-AVI-448 ;
- des vulnérabilités de PHP : certaines ont été décrites dans l'avis du CERTA CERTA-2006-AVI-481 ;
- une vulnérabilité de PPP : une personne malveillante pourrait, sur le même réseau qu'une machine vulnérable, envoyer un paquet spécialement conçu, afin de perturber PPPoE. Cela permettrait sous certaines conditions d'exécuter des commandes arbitraires à distance. PPPoE n'est cependant pas activé par défaut.
Solution
Se référer au bulletin de sécurité de l'éditeur Apple pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apple Mac OS X Server v10.3.9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X v10.4.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X Server v10.4.8.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Mac OS X v10.3.9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Parmi celles-ci :\n\n- une vuln\u00e9rabilit\u00e9 des pilotes de cartes sans-fil Airport : ils\n n\u0027interpreteraient pas correctement des paquets r\u00e9pondant \u00e0 une\n requ\u00eate de sondage (de type Probe). Une personne malveillante\n pourrait donc \u00e9mettre un paquet malform\u00e9, en r\u00e9ponse \u00e0 une requ\u00eate,\n afin de provoquer l\u0027ex\u00e9cution de commandes arbitraires \u00e0 distance.\n Les solutions de s\u00e9curit\u00e9 comme WPA, VPN, 802.11i ne prot\u00e8gent pas\n de cette cat\u00e9gorie d\u0027attaques visant directement le pilote de la\n carte r\u00e9seau. Le CERTA mentionne ce probl\u00e8me dans le bulletin\n d\u0027actualit\u00e9 CERTA-2006-ACT-046 ;\n- une vuln\u00e9rabilit\u00e9 de CFNetwork : les URI (pour Uniform Resource\n Identifier) FTP ne sont pas valid\u00e9es correctement. Une personne\n pourrait, en visitant un site FTP construit de mani\u00e8re malveillante,\n lancer \u00e0 son insu des commandes FTP contre un site tiers ;\n- plusieurs vuln\u00e9rabilit\u00e9s dans clamAV pour Mac OS X Server ;\n- des vuln\u00e9rabilit\u00e9s dans OpenSSL pour MacOS. Celles-ci ont \u00e9t\u00e9\n abord\u00e9es dans des avis du CERTA, notamment CERTA-2006-AVI-421 et\n CERTA-2006-AVI-448 ;\n- des vuln\u00e9rabilit\u00e9s de PHP : certaines ont \u00e9t\u00e9 d\u00e9crites dans l\u0027avis\n du CERTA CERTA-2006-AVI-481 ;\n- une vuln\u00e9rabilit\u00e9 de PPP : une personne malveillante pourrait, sur\n le m\u00eame r\u00e9seau qu\u0027une machine vuln\u00e9rable, envoyer un paquet\n sp\u00e9cialement con\u00e7u, afin de perturber PPPoE. Cela permettrait sous\n certaines conditions d\u0027ex\u00e9cuter des commandes arbitraires \u00e0\n distance. PPPoE n\u0027est cependant pas activ\u00e9 par d\u00e9faut.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur Apple pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-4339",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4339"
},
{
"name": "CVE-2006-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1990"
},
{
"name": "CVE-2006-4398",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4398"
},
{
"name": "CVE-2006-5465",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5465"
},
{
"name": "CVE-2006-4403",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4403"
},
{
"name": "CVE-2006-2940",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2940"
},
{
"name": "CVE-2006-4182",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4182"
},
{
"name": "CVE-2006-4404",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4404"
},
{
"name": "CVE-2006-4334",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4334"
},
{
"name": "CVE-2006-4343",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4343"
},
{
"name": "CVE-2006-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4408"
},
{
"name": "CVE-2006-4335",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4335"
},
{
"name": "CVE-2006-4396",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4396"
},
{
"name": "CVE-2006-4401",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4401"
},
{
"name": "CVE-2006-4407",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4407"
},
{
"name": "CVE-2006-3403",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
},
{
"name": "CVE-2006-4400",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4400"
},
{
"name": "CVE-2006-4336",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4336"
},
{
"name": "CVE-2006-4337",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4337"
},
{
"name": "CVE-2006-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4402"
},
{
"name": "CVE-2006-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3738"
},
{
"name": "CVE-2006-1490",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1490"
},
{
"name": "CVE-2006-2937",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2937"
},
{
"name": "CVE-2006-4409",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4409"
},
{
"name": "CVE-2006-4410",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4410"
},
{
"name": "CVE-2006-4411",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4411"
},
{
"name": "CVE-2006-5710",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5710"
},
{
"name": "CVE-2006-4338",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4338"
},
{
"name": "CVE-2006-4412",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4412"
},
{
"name": "CVE-2006-3962",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3962"
},
{
"name": "CVE-2006-4406",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4406"
}
],
"links": [
{
"title": "Bulletin d\u0027actualit\u00e9 du CERTA CERTA-2006-ACT-046 du 17 novembre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-ACT-046.pdf"
},
{
"title": "Avis du CERTA CERTA-2006-AVI-448 du 11 octobre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-448/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2006-007 du 28 novembre 2006 :",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"title": "Avis du CERTA CERTA-2006-AVI-421 du 03 octobre 2006 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-421/"
}
],
"reference": "CERTA-2006-AVI-517",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Certaines pourraient, si elles sont\nexploit\u00e9es par une personne malveillante, provoquer l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de mises \u00e0 jour Apple 2006-007 du 28 novembre 2006",
"url": null
}
]
}
FKIE_CVE-2006-4409
Vulnerability from fkie_nvd - Published: 2006-11-30 16:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked."
},
{
"lang": "es",
"value": "El servicio Online Certificate Status Protocol (OCSP) en el Security Framework en Apple Mac OS X 10.4 hasta 10.4.8 recupera listas de revocaci\u00f3n de certificados (CRL) cuando un proxy HTTP est\u00e1 en uso, lo cual podr\u00eda causar que el sistema acepte certificados que han sido revocados."
}
],
"id": "CVE-2006-4409",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-30T16:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23155"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017298"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/30729"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21335"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4750"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2006-4409
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2006-4409",
"description": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.",
"id": "GSD-2006-4409"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2006-4409"
],
"details": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.",
"id": "GSD-2006-4409",
"modified": "2023-12-13T01:19:51.274191Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4750",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=304829",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "21335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21335"
},
{
"name": "30729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30729"
},
{
"name": "1017298",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017298"
},
{
"name": "23155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23155"
},
{
"name": "APPLE-SA-2006-11-28",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "VU#811384",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/811384"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4409"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://docs.info.apple.com/article.html?artnum=304829",
"refsource": "CONFIRM",
"tags": [],
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "APPLE-SA-2006-11-28",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "23155",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23155"
},
{
"name": "21335",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/21335"
},
{
"name": "1017298",
"refsource": "SECTRACK",
"tags": [],
"url": "http://securitytracker.com/id?1017298"
},
{
"name": "VU#811384",
"refsource": "CERT-VN",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"name": "30729",
"refsource": "OSVDB",
"tags": [],
"url": "http://www.osvdb.org/30729"
},
{
"name": "ADV-2006-4750",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2006/4750"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2011-03-08T02:40Z",
"publishedDate": "2006-11-30T16:28Z"
}
}
}
GHSA-9JC8-8P5C-R55W
Vulnerability from github – Published: 2022-05-01 07:18 – Updated: 2022-05-01 07:18
VLAI?
Details
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
{
"affected": [],
"aliases": [
"CVE-2006-4409"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2006-11-30T16:28:00Z",
"severity": "MODERATE"
},
"details": "The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.",
"id": "GHSA-9jc8-8p5c-r55w",
"modified": "2022-05-01T07:18:24Z",
"published": "2022-05-01T07:18:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4409"
},
{
"type": "WEB",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23155"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1017298"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/811384"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/30729"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/21335"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2006/4750"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…