Home » Hacking News » MacOS X file sharing information disclosure

MacOS X file sharing information disclosure

by Mario Miri on April 14th, 2003 When various file-sharing services are enabled on vulnerable MacOS X host, a non-legitimate user could change the read permissions for write-only files, revealing it's contents. This may be used for further attacks against the target system.

Vulnerable:
Apple MacOS X 10.0
Apple MacOS X 10.0.1
Apple MacOS X 10.0.2
Apple MacOS X 10.0.3
Apple MacOS X 10.0.4
Apple MacOS X 10.1
Apple MacOS X 10.1.1
Apple MacOS X 10.1.2
Apple MacOS X 10.1.3
Apple MacOS X 10.1.4
Apple MacOS X 10.1.5
Apple MacOS X 10.2.1
Apple MacOS X 10.2.2
Apple MacOS X 10.2.3
Apple MacOS X 10.2.4
Apple MacOS X Server 10.0
Apple MacOS X Server 10.2
Apple MacOS X Server 10.2.1
Apple MacOS X Server 10.2.2
Apple MacOS X Server 10.2.3
Apple MacOS X Server 10.2.4


Solution:
Update is available via the Software Update pane in System Preferences.


Discovered by:
Announced by the Apple Security Update.

From the forum

The forums are now OPEN AGAIN!

Xatrix.org © Copyright 2001-2016, Xatrix Security . All Rights Reserved
Never underestimate the determination of a kid who is time-rich and cash-poor. - Cory Doctorow