Jim Foraker

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions prior to 10.4.2 **Description** The issue allows attackers to gain access to a root Terminal window when using Kerberos authentication with LDAP. **Recommendations** For Mac OS X versions prior to 10.4.2, consider disabling Kerberos authentication with LDAP until a patch is available. Restrict access to the root Terminal window to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mac OS X version 10.3.4 **Description** The issue is related to the handling of directory services lookups in the LoginWindow for Mac OS X. **Recommendations** For Mac OS X version 10.3.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.