{"vuid":"VU#371648","idnumber":"371648","name":"Apple Mac OS X ftpd may allow arbitrary users to determine account name validity","keywords":["Apple","Mac","OS X","ftpd","information disclosure","apple-2006-007"],"overview":"Apple Mac OS X ftpd may allow arbitrary users to determine account name validity. This vulnerability may reveal protected information or allow an attacker to cause a denial-of-service condition.","clean_desc":"According to Apple Security Update 2006-007: When attempting to authenticate a valid user, the FTP server may crash during a failed login attempt. The crash does not occur when attempting to authenticate unknown users.","impact":"A remote, unauthenticated attacker may be able to determine protected information or cause a denial-of-service condition.","resolution":"Apply Apple Updates\nThis issue is addressed by Apple Security Update 2006-007.","workarounds":"","sysaffected":"","thanks":"This issue was reported in Apple Security Update \n2006-007\n. Apple credits \nBenjamin Williams of the University of Canterbury for reporting this issue.","author":"This document was written by Chris Taschner.","public":["http://docs.info.apple.com/article.html?artnum=304829","http://secunia.com/advisories/23155/"],"cveids":["CVE-2006-4403"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-11-29T13:29:00Z","publicdate":"2006-11-28T00:00:00Z","datefirstpublished":"2006-11-30T15:48:56Z","dateupdated":"2006-11-30T15:49:15Z","revision":9,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"15","cam_impact":"6","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"10.125","cam_scorecurrentwidelyknown":"13.5","cam_scorecurrentwidelyknownexploited":"27","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.125,"vulnote":null}