Apple Mac OS X Authentication Bypass Vulnerability Network Vulnerability

Summary

This host is running Apple Mac OS X and is prone to authentication bypass vulnerability.

Impact

Successful exploitation will allow a local attacker to bypass password validation. Impact Level: System

Solution

Run Mac Updates and install OS X v10.8.5 Supplemental Update. For updates refer to http://support.apple.com/kb/HT5964. ***** NOTE: Ignore this warning, if above mentioned patch is already applied. *****

Insight

The flaw is due to a logic error in the way the program verifies authentication credentials.

Affected

Mac OS X version 10.8.5 and prior.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://packetstormsecurity.com/files/123506/
http://support.apple.com/kb/HT5964
http://www.osvdb.com/98090

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5163
CVSS Base Score: 6.6
AV:L/AC:L/Au:N/C:N/I:C/A:C

Related Vulnerabilities

Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
Apple Safari Secure Cookie Security Bypass Vulnerability (Mac OS X)
Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)
Apple Safari Web Script Execution Vulnerabilites - June09
Apple Safari Multiple Vulnerabilities

Take action and discover your vulnerabilities