CVE-2008-1578

EUVD-2008-1579
The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
applemac_os_x
10.4.11
applemac_os_x
10.5
applemac_os_x
10.5.1
applemac_os_x
10.5.2
applemac_os_x_server
10.4.11
applemac_os_x_server
10.5
applemac_os_x_server
10.5.1
applemac_os_x_server
10.5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://secunia.com/advisories/30430
http://securitytracker.com/id?1020142
http://www.securityfocus.com/bid/29412
http://www.securityfocus.com/bid/29520
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
http://www.vupen.com/english/advisories/2008/1697
https://exchange.xforce.ibmcloud.com/vulnerabilities/42725
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://secunia.com/advisories/30430
http://securitytracker.com/id?1020142
http://www.securityfocus.com/bid/29412
http://www.securityfocus.com/bid/29520
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
http://www.vupen.com/english/advisories/2008/1697
https://exchange.xforce.ibmcloud.com/vulnerabilities/42725