.
.
.
Related Links
OS-X Lion Gets A Second Black Eye
Date: 2011-09-20 09:57:07
CNet details a new vulnerability in the newest OS-X verstion, Lion. This vulnerability allows anyone with terminal access to your OS-X instance (Locally or remotely) to change any password on the system by issuing a simple command:
dscl localhost -passwd /Search/Users/USERNAME
Protecting your system is impossible, but you can greatly deter access by disabling SSH access, disabling auto-login, enabling screensaver and sleep passwords, and disabling guest accounts. The original CNet article has details on most of these
OS-X's first black eye was obtained by Exposes all Enterprise LDAP Resources. This vulnerability is also related to LDAP changes made in Lion.
Category: OS-X
Subcategory: Authentication
|
Don't become a news story... |
|
| ISBN: 978-0615456850 |
Knowledge is the best home security. |
.
|
|
||
|
Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved. |
|
|
 |
.
