CVE-2008-3617

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.5 through 10.5.4

Description The issue allows attackers to potentially guess passwords that the user believed were longer due to the display of additional input characters beyond the maximum password length when setting a password for a VNC viewer using Remote Management and Screen Sharing.

Recommendations For Apple Mac OS X versions 10.5 through 10.5.4, consider restricting the use of Remote Management and Screen Sharing until a fix is available, and ensure that strong, unique passwords are used for VNC viewers to minimize the risk of exploitation.