cvelistv5 - CVE-2008-3618

CVE-2008-3618 (GCVE-0-2008-3618)

Vulnerability from cvelistv5

Published

2008-09-16 23:00

Modified

2024-08-07 09:45

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html	Patch
cve@mitre.org	http://securitytracker.com/id?1020883
cve@mitre.org	http://www.kb.cert.org/vuls/id/126787	Patch, US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/31189	Patch
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2584
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45175
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020883
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/126787	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31189	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2584
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45175

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:45:19.001Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "31189",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "name": "VU#126787",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "name": "APPLE-SA-2008-09-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
          },
          {
            "name": "TA08-260A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
          },
          {
            "name": "ADV-2008-2584",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "name": "1020883",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020883"
          },
          {
            "name": "macos-filesharing-weak-security(45175)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "31189",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31189"
        },
        {
          "name": "VU#126787",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/126787"
        },
        {
          "name": "APPLE-SA-2008-09-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
        },
        {
          "name": "TA08-260A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
        },
        {
          "name": "ADV-2008-2584",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2584"
        },
        {
          "name": "1020883",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020883"
        },
        {
          "name": "macos-filesharing-weak-security(45175)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "31189",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31189"
            },
            {
              "name": "VU#126787",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/126787"
            },
            {
              "name": "APPLE-SA-2008-09-15",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
            },
            {
              "name": "TA08-260A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
            },
            {
              "name": "ADV-2008-2584",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2584"
            },
            {
              "name": "1020883",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020883"
            },
            {
              "name": "macos-filesharing-weak-security(45175)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3618",
    "datePublished": "2008-09-16T23:00:00",
    "dateReserved": "2008-08-12T00:00:00",
    "dateUpdated": "2024-08-07T09:45:19.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3618\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-09-16T23:00:01.243\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended.\"},{\"lang\":\"es\",\"value\":\"El Panel File Sharing  en las preferencias Sharing en Apple Mac OS X 10.5 a la v10.5.4, no informa a los usuarios del contenido completo de que su directorio personal est\u00e1 siendo compartido para uso propio, lo que podr\u00eda permitir a atacantes aprovechar otras vulnerabilidades y acceder a ficheros que no est\u00e1 compartidos intencionadamente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2442D35-7484-43D8-9077-3FDF63104816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F3E721C-00CA-4D51-B542-F2BC5C0D65BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3267A41-1AE0-48B8-BD1F-DEC8A212851A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855288F1-0242-4951-AB3F-B7AF13E21CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10082781-B93E-4B84-94F2-FA9749B4D92B\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1020883\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/126787\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/31189\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45175\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1020883\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/126787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/31189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Description

De multiples vulnérabilités ont été corrigées dans Mac OS X. Celles-ci permettent notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Mac OS X Server versions antérieures à 10.5.5.
	N/A	N/A	Mac OS X versions antérieures à 10.5.5 ;

References

Title

Publication Time

ghsa-mjp9-pgr7-8j62

Vulnerability from github

Published

2022-05-02 00:02

Modified

2022-05-02 00:02

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3618"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-16T23:00:00Z",
    "severity": "HIGH"
  },
  "details": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended.",
  "id": "GHSA-mjp9-pgr7-8j62",
  "modified": "2022-05-02T00:02:05Z",
  "published": "2022-05-02T00:02:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3618"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020883"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/126787"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31189"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2008-3618

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-3618

Aliases

CVE-2008-3618

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3618",
    "description": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended.",
    "id": "GSD-2008-3618"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3618"
      ],
      "details": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended.",
      "id": "GSD-2008-3618",
      "modified": "2023-12-13T01:23:05.781216Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-3618",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "31189",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/31189"
          },
          {
            "name": "VU#126787",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/126787"
          },
          {
            "name": "APPLE-SA-2008-09-15",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
          },
          {
            "name": "TA08-260A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
          },
          {
            "name": "ADV-2008-2584",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "name": "1020883",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020883"
          },
          {
            "name": "macos-filesharing-weak-security(45175)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3618"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "31189",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/31189"
            },
            {
              "name": "APPLE-SA-2008-09-15",
              "refsource": "APPLE",
              "tags": [
                "Patch"
              ],
              "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
            },
            {
              "name": "VU#126787",
              "refsource": "CERT-VN",
              "tags": [
                "Patch",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/126787"
            },
            {
              "name": "1020883",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020883"
            },
            {
              "name": "TA08-260A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
            },
            {
              "name": "ADV-2008-2584",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/2584"
            },
            {
              "name": "macos-filesharing-weak-security(45175)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:32Z",
      "publishedDate": "2008-09-16T23:00Z"
    }
  }
}

fkie_cve-2008-3618

Vulnerability from fkie_nvd

Published

2008-09-16 23:00

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html	Patch
cve@mitre.org	http://securitytracker.com/id?1020883
cve@mitre.org	http://www.kb.cert.org/vuls/id/126787	Patch, US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/31189	Patch
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2584
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45175
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020883
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/126787	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31189	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2584
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45175

Impacted products

Vendor	Product	Version
apple	mac_os_x	10.5
apple	mac_os_x	10.5.1
apple	mac_os_x	10.5.2
apple	mac_os_x	10.5.3
apple	mac_os_x	10.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended."
    },
    {
      "lang": "es",
      "value": "El Panel File Sharing  en las preferencias Sharing en Apple Mac OS X 10.5 a la v10.5.4, no informa a los usuarios del contenido completo de que su directorio personal est\u00e1 siendo compartido para uso propio, lo que podr\u00eda permitir a atacantes aprovechar otras vulnerabilidades y acceder a ficheros que no est\u00e1 compartidos intencionadamente."
    }
  ],
  "id": "CVE-2008-3618",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-16T23:00:01.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020883"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/126787"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31189"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020883"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/126787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

III. These and other updates are available via Software Update or via Apple Downloads.

IV. Please send email to cert@cert.org with "TA08-260A Feedback VU#547251" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2008 by US-CERT, a government organization.

<http://www.us-cert.gov/legal.html>

Revision History

September 16 2008: Initial release

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSNANfnIHljM+H4irAQLlgQf+PqS9CZoUf6f9zPZNbyKDhBYETyc31z6G yrF/p3T2ZfH7qK43GbgSHbriAHi+nzlKdYk6vbt++6mE3Jr3QHmk/gyjp4BD8whS 1Qp6wamRmDUMgboseftfE/Pa/lAoFSejvUsGdgbkrNNH/95LcsPFqL+6pBQHna2c nFyEz3vMMPGxJr99Nf0Vda0O255fcjpvcVddbj005wvmyA83IT43ZFgAoINkKDvi qRo2jNmucDoQZTzX/ap1zU3ZSu5dBHlnH1qUK0BvFQSeLeGwaMoijkn2xqpCbzsV 4u3ErEkcLAQVMsTJBEzIs22WU4yRWF07eumhng3rIgGjbXuleNPfig== =SOoC -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0192",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.3"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5 to  v10.5.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.3"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.2"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "ilife",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0"
      },
      {
        "model": "aperture",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "ilife support",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.3.1"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "BID",
        "id": "31189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pete Finnigan\u203b pete@peterfinnigan.demon.co.uk\u203bEsteban Martinez FayoJoxean Koret\u203b joxeankoret@yahoo.es\u203bAlexander Kornbrust\u203b ak@red-database-security.com\u203bAmichai Shulman\u203b shulman@imperva.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-3618",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2008-3618",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-33743",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2008-3618",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#126787",
            "trust": 0.8,
            "value": "1.01"
          },
          {
            "author": "NVD",
            "id": "CVE-2008-3618",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200809-221",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-33743",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended. \nThe security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. Attackers could exploit these vulnerabilities to execute arbitrary\n   code, gain access to sensitive information, or cause a denial of service. \n\n\nI. \n\n\nII. Impact\n\n   The impacts of these vulnerabilities vary. Potential consequences include\n   arbitrary  code execution, sensitive information disclosure, denial of\n   service, privilege escalation, or DNS cache poisoning. \n\n\nIII. \n   These and other updates are available via Software Update or via Apple\n   Downloads. \n\n\nIV. Please send\n  email to \u003ccert@cert.org\u003e with \"TA08-260A Feedback VU#547251\" in the\n  subject. \n _________________________________________________________________\n\n  For instructions on subscribing to or unsubscribing from this\n  mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n  Produced 2008 by US-CERT, a government organization. \n\n  Terms of use:\n\n    \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n   Revision History\n\n   September 16 2008: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSNANfnIHljM+H4irAQLlgQf+PqS9CZoUf6f9zPZNbyKDhBYETyc31z6G\nyrF/p3T2ZfH7qK43GbgSHbriAHi+nzlKdYk6vbt++6mE3Jr3QHmk/gyjp4BD8whS\n1Qp6wamRmDUMgboseftfE/Pa/lAoFSejvUsGdgbkrNNH/95LcsPFqL+6pBQHna2c\nnFyEz3vMMPGxJr99Nf0Vda0O255fcjpvcVddbj005wvmyA83IT43ZFgAoINkKDvi\nqRo2jNmucDoQZTzX/ap1zU3ZSu5dBHlnH1qUK0BvFQSeLeGwaMoijkn2xqpCbzsV\n4u3ErEkcLAQVMsTJBEzIs22WU4yRWF07eumhng3rIgGjbXuleNPfig==\n=SOoC\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      },
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "BID",
        "id": "31189"
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "PACKETSTORM",
        "id": "70024"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#126787",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "31189",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618",
        "trust": 2.8
      },
      {
        "db": "USCERT",
        "id": "TA08-260A",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1020883",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-2584",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "45175",
        "trust": 1.4
      },
      {
        "db": "USCERT",
        "id": "SA08-260A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "TA08-260A",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2008-09-15",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "70024",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "BID",
        "id": "31189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "PACKETSTORM",
        "id": "70024"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "id": "VAR-200809-0192",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:53:33.192000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security Update 2008-006",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3137"
      },
      {
        "title": "Security Update 2008-006",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3137?viewlocale=ja_JP"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.kb.cert.org/vuls/id/126787"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/31189"
      },
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1020883"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2008/2584"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/45175"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/2584"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45175"
      },
      {
        "trust": 0.8,
        "url": "about vulnerability notes"
      },
      {
        "trust": 0.8,
        "url": "contact us about this vulnerability"
      },
      {
        "trust": 0.8,
        "url": "provide a vendor statement"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3618"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta08-260a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/trta08-260a"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3618"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa08-260a.html"
      },
      {
        "trust": 0.3,
        "url": "http://support.apple.com/kb/ht3137"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple_security_update_2008_006\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1338?viewlocale=en_us\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht3137\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "BID",
        "id": "31189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "PACKETSTORM",
        "id": "70024"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "db": "BID",
        "id": "31189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "db": "PACKETSTORM",
        "id": "70024"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-09-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "date": "2008-09-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "date": "2008-09-15T00:00:00",
        "db": "BID",
        "id": "31189"
      },
      {
        "date": "2008-10-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "date": "2008-09-16T21:50:37",
        "db": "PACKETSTORM",
        "id": "70024"
      },
      {
        "date": "2008-09-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "date": "2008-09-16T23:00:01.243000",
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-10-14T00:00:00",
        "db": "CERT/CC",
        "id": "VU#126787"
      },
      {
        "date": "2017-08-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-33743"
      },
      {
        "date": "2008-11-13T22:34:00",
        "db": "BID",
        "id": "31189"
      },
      {
        "date": "2008-10-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001727"
      },
      {
        "date": "2008-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      },
      {
        "date": "2024-11-21T00:49:42.283000",
        "db": "NVD",
        "id": "CVE-2008-3618"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X file sharing allows authenticated remote access to files and directories",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#126787"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-221"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-3618 (GCVE-0-2008-3618)

Vulnerability from cvelistv5

CERTA-2008-AVI-463

Vulnerability from certfr_avis

Description

Solution

ghsa-mjp9-pgr7-8j62

Vulnerability from github

gsd-2008-3618

Vulnerability from gsd

fkie_cve-2008-3618

Vulnerability from fkie_nvd

var-200809-0192

Vulnerability from variot

Tags

Sightings

Nomenclature