Mac OS X AFP Drop Box Information Disclosure

2005-03-21T00:00:00
ID OSVDB:15005
Type osvdb
Reporter John M. Glenn()
Modified 2005-03-21T00:00:00

Description

Vulnerability Description

Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by insecure default permissions on the Drop Box, which will disclose Drop Box contents information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Short Description

Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by insecure default permissions on the Drop Box, which will disclose Drop Box contents information resulting in a loss of confidentiality.

References:

Vendor Specific Advisory URL Security Tracker: 1013502 Secunia Advisory ID:14655 Mail List Post: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html CVE-2005-0715