CVE-2006-4887

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:apple_remote_desktop:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:apple_remote_desktop:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:apple_remote_desktop:3.0.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:17

Type Values Removed Values Added
References () http://www.osvdb.org/32260 - () http://www.osvdb.org/32260 -
References () http://www.securityfocus.com/archive/1/446371/100/0/threaded - () http://www.securityfocus.com/archive/1/446371/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446751/100/0/threaded - () http://www.securityfocus.com/archive/1/446751/100/0/threaded -
References () http://www.securityfocus.com/archive/1/447043/100/0/threaded - () http://www.securityfocus.com/archive/1/447043/100/0/threaded -
References () http://www.securityfocus.com/bid/20092 - () http://www.securityfocus.com/bid/20092 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29060 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/29060 -

Information

Published : 2006-09-19 21:07

Updated : 2024-11-21 00:17


NVD link : CVE-2006-4887

Mitre link : CVE-2006-4887

CVE.ORG link : CVE-2006-4887


JSON object : View

Products Affected

apple

  • mac_os_x
  • apple_remote_desktop