CVE-1999-1393
CVSS4.6
发布时间 :1999-05-21 00:00:00
修订时间 :2008-09-05 16:19:24
NMCOS    

[原文]Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible.


[CNNVD]Apple PowerBook 密码安全控制面板中的漏洞(CNNVD-199905-041)

         Apple Powerbooks的控制面板“Password Security”选项中存在漏洞。具有物理访问机器的攻击者通过启动具有一个紧急启动磁盘的“密码安全”并且使用一个磁盘编辑器修改aaaaaaaAPWD文件中的开/关切换或者密码,这些文件通常是不可访问的。
        

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:apple:mac_os:8.5Apple Mac OS 8.5
cpe:/o:apple:mac_os:8.6Apple Mac OS 8.6

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1393
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1393
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199905-041
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/532
(VENDOR_ADVISORY)  BID  532
http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html
(VENDOR_ADVISORY)  MISC  http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html

- 漏洞信息

Apple PowerBook 密码安全控制面板中的漏洞
中危 设计错误
1999-05-21 00:00:00 2005-10-20 00:00:00
本地  
         Apple Powerbooks的控制面板“Password Security”选项中存在漏洞。具有物理访问机器的攻击者通过启动具有一个紧急启动磁盘的“密码安全”并且使用一个磁盘编辑器修改aaaaaaaAPWD文件中的开/关切换或者密码,这些文件通常是不可访问的。
        

- 公告与补丁

        Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 漏洞信息

6331
Apple PowerBook Mac OS Control Panel Security Physical Bypass
Physical Access Required Authentication Management
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

Mac OS contains a flaw that may allow a malicious user to bypass password restrictions on a PowerBook. The password settings are stored in a known file on the hard drive, and the password requirement can be disabled using disk editing software and a boot disk. It is possible that the flaw may allow unauthorized access resulting in a loss of confidentiality and integrity.

- 时间线

1999-05-21 Unknow
1999-05-21 Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Apple PowerBook Password Security Control Panel Vulnerability
Design Error 532
No Yes
1999-05-21 12:00:00 2009-07-11 12:56:00
From an article at http://www.securemac.com by mSec.

- 受影响的程序版本

Apple Mac OS 8 8.6
Apple Mac OS 8 8.5

- 漏洞讨论

Powerbooks come with a 'Password Security' Control Panel. This allows the user to create a password that must be entered prior to the OS mounting the hard drive. This feature can be enabled or disabled by the user. The control panel stores the enabled/disabled state, as well as an encrypted verion of the password, in a file called 'aaaaaaaaAPWD' in the root of the drive. The problem is that this security feature can be bypassed with a boot disk and hard drive utility.

- 漏洞利用

Boot the laptop from an emergency startup disk. The password dialog will appear. Select 'Cancel'. The laptop will be usable, but the hard drive and it's contents will not. However, Norton Disk Editor can be used even on unmounted drives. Using it or a comparable product, change the byte at offset 3 of the 'aaaaaaaaAPWD' file from 01 to 00 to disable the security feature. Reboot from the hard drive.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站