CVE-2010-3783 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2010-3783

CWE

https://cwe.mitre.org/data/definitions/264.html

Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x_server	Apple	10.5.8 (including)	10.5.8 (including)
Mac_os_x_server	Apple	10.6.0 (including)	10.6.0 (including)
Mac_os_x_server	Apple	10.6.1 (including)	10.6.1 (including)
Mac_os_x_server	Apple	10.6.2 (including)	10.6.2 (including)
Mac_os_x_server	Apple	10.6.3 (including)	10.6.3 (including)
Mac_os_x_server	Apple	10.6.4 (including)	10.6.4 (including)

References

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://support.apple.com/kb/HT4435
http://www.securitytracker.com/id?1024723