Power On Software On Guard for MacOS 3.2 Emergency Password Vulnerability

1999-07-29T00:00:00
ID EDB-ID:19439
Type exploitdb
Reporter Prozaq of mSec
Modified 1999-07-29T00:00:00

Description

Power On Software On Guard for MacOS 3.2 Emergency Password Vulnerability. Local exploit for osx platform

                                        
                                            source: http://www.securityfocus.com/bid/553/info

On Guard, a security program for MacOS, includes an emergency password feature in the event that the administrative password is lost or forgotten. If the user name 'emergency' is entered, On Guard will generate an Emergency Code. The user must then call Power On Software, and after registration validation is done, provide the Emergency Code. Power On Software will then provide an emergency password. However, the method used to generate this emergency password has been reverse engineered, and an exploit is publicly available that will automatically generate the emergency password with no phone call. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19439.sit