.

Healthy Passwords

.

.

OS-X Lion Exposes All Enterprise LDAP Resources

Date: 2011-08-26 17:26:51

OS-X Lion Promo Image

The new version of OS-X (Lion) has a major authentication vulnerability. Once logged into an LDAP server (Servers commonly used for business Single Sign On: SSO), the user can access any device on the network without any password. For businesses, this is an enormous security risk. For most home users, this is not an issue.

This means a user authenticated to LDAP running OS-X Lion, can probably look at any network share or computer hard drive on the corporate network. After the initial login, Lion users can log into any other LDAP resource with any password.

According to The H Security, Apple has been informed of the problem and has successfully reproduced it.

Apple has known of this problem for over a month and has not yet issued a patch.

Category: OS-X

Subcategory: Passwords

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

 Subscribe in a reader

.

Leaf

Leaf

Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review
Leaf

.

Leaf