Intego FileGuard 2.0/4.0 Weak Password Encryption Vulnerability

2001-08-20T00:00:00
ID EDB-ID:21076
Type exploitdb
Reporter MacSec
Modified 2001-08-20T00:00:00

Description

Intego FileGuard 2.0/4.0 Weak Password Encryption Vulnerability. CVE-2001-1165. Local exploit for osx platform

                                        
                                            source: http://www.securityfocus.com/bid/3213/info

Intego FileGuard is a commercial access control utility for Mac OS versions 7-9.1. It's functionality includes the ability to enforce privileges, log activities, manage user accounts, restrict access by time, etc.

Intego FileGuard provides system level access restrictions to versions of Mac OS that otherwise would not have such access controls. However, a vulnerability exists which allows a local user to circumvent those controls and elevate privileges. A weak algorithm is used to encrypt the stored passwords.

mSec has released a tool called Disengage which will attempt to decrypt passwords, provided circumstances exist which allow Disengage to work. Passwords for Intego DiskGuard may also be decrypted in this manner.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21076.sit