.

Healthy Passwords

.

.

OS-X Lion Gets A Second Black Eye

Date: 2011-09-20 09:57:07

CNet details a new vulnerability in the newest OS-X verstion, Lion. This vulnerability allows anyone with terminal access to your OS-X instance (Locally or remotely) to change any password on the system by issuing a simple command:

dscl localhost -passwd /Search/Users/USERNAME

Protecting your system is impossible, but you can greatly deter access by disabling SSH access, disabling auto-login, enabling screensaver and sleep passwords, and disabling guest accounts. The original CNet article has details on most of these

OS-X's first black eye was obtained by Exposes all Enterprise LDAP Resources. This vulnerability is also related to LDAP changes made in Lion.

Category: OS-X

Subcategory: Authentication

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

 Subscribe in a reader

.

Leaf

Leaf

Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review
Leaf

.

Leaf