Mac OS X Workgroup Manager Default Account Access

2003-07-23T00:00:00
ID OSVDB:7064
Type osvdb
Reporter OSVDB
Modified 2003-07-23T00:00:00

Description

Vulnerability Description

Mac OS X contains a flaw that may allow a malicious user to access a newly created account before it is saved for the first time. The issue is caused by new accounts being available for login before they are saved initially. It is possible that the flaw may allow unauthorized access resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Short Description

Mac OS X contains a flaw that may allow a malicious user to access a newly created account before it is saved for the first time. The issue is caused by new accounts being available for login before they are saved initially. It is possible that the flaw may allow unauthorized access resulting in a loss of integrity.

References:

Vendor Specific Advisory URL ISS X-Force ID: 12728 CVE-2003-0601 Bugtraq ID: 8266