CVE-2008-2329

Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:46

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html - Patch () http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html - Patch
References () http://secunia.com/advisories/31882 - () http://secunia.com/advisories/31882 -
References () http://securitytracker.com/id?1020874 - () http://securitytracker.com/id?1020874 -
References () http://www.securityfocus.com/bid/31189 - Patch () http://www.securityfocus.com/bid/31189 - Patch
References () http://www.us-cert.gov/cas/techalerts/TA08-260A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA08-260A.html - US Government Resource
References () http://www.vupen.com/english/advisories/2008/2584 - () http://www.vupen.com/english/advisories/2008/2584 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/45163 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/45163 -

Information

Published : 2008-09-16 23:00

Updated : 2024-11-21 00:46


NVD link : CVE-2008-2329

Mitre link : CVE-2008-2329

CVE.ORG link : CVE-2008-2329


JSON object : View

Products Affected

apple

  • mac_os_x
  • mac_os_x_server
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor