Vulnerability Description
Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Remote Desktop | <= 3.0 |
References
- http://lists.apple.com/archives/security-announce/2006/Nov/msg00000.html
- http://secunia.com/advisories/22982Vendor Advisory
- http://securitytracker.com/id?1017241
- http://www.securityfocus.com/bid/21139
- http://www.vupen.com/english/advisories/2006/4567
- http://lists.apple.com/archives/security-announce/2006/Nov/msg00000.html
- http://secunia.com/advisories/22982Vendor Advisory
- http://securitytracker.com/id?1017241
- http://www.securityfocus.com/bid/21139
- http://www.vupen.com/english/advisories/2006/4567
FAQ
What is CVE-2006-4413?
CVE-2006-4413 is a vulnerability with a CVSS score of 7.2 (HIGH). Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root ...
How severe is CVE-2006-4413?
CVE-2006-4413 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4413?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Remote Desktop.