CVE-2004-0622

Current Description

Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.

Basic Data

PublishedDecember 06, 2004
Last ModifiedOctober 19, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X10.3.4*******
    2.3OSAppleMac Os X10.4*******
    2.3OSAppleMac Os X10.5*******

Vulnerable Software List

VendorProductVersions
Apple Mac Os X 10.3.4, 10.4, 10.5

References

NameSourceURLTags
http://citp.princeton.edu/pub/coldboot.pdfhttp://citp.princeton.edu/pub/coldboot.pdfMISC
20040625 Mac OS X stores login/Keychain/FileVault passwords on diskhttp://marc.info/?l=bugtraq&m=108819559925981&w=2BUGTRAQ
20080228 Loginwindow.app and Mac OS Xhttp://www.securityfocus.com/archive/1/488930/100/100/threadedBUGTRAQ
20080229 Re: Loginwindow.app and Mac OS Xhttp://www.securityfocus.com/archive/1/488948/100/100/threadedBUGTRAQ
macos-memory-view-passwords(16557)https://exchange.xforce.ibmcloud.com/vulnerabilities/16557XF