PT-2006-5210 · Apple · Macos X
Eric Cronin
·
Published
2006-11-30
·
Updated
2011-03-08
·
CVE-2006-4407
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple Mac OS X versions 10.3.x up to 10.3.9
Description
The issue is related to the Security Framework in Apple Mac OS X, which does not properly prioritize encryption ciphers. This causes Secure Transport to use a weaker cipher when negotiating the strongest shared cipher, making it easier for remote attackers to decrypt traffic.
Recommendations
For Apple Mac OS X versions 10.3.x up to 10.3.9, update to a version that properly prioritizes encryption ciphers to prevent the use of weaker ciphers.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Macos X