Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.
2010-11-16T22:00:15.930
2025-04-11T00:51:21.963
Deferred
CVSSv2: 6.8 (MEDIUM)
AV:N/AC:L/Au:S/C:N/I:C/A:N
8.0
6.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | apple | mac_os_x_server | 10.5.8 | Yes |
Operating System | apple | mac_os_x_server | 10.6.0 | Yes |
Operating System | apple | mac_os_x_server | 10.6.1 | Yes |
Operating System | apple | mac_os_x_server | 10.6.2 | Yes |
Operating System | apple | mac_os_x_server | 10.6.3 | Yes |
Operating System | apple | mac_os_x_server | 10.6.4 | Yes |