CVE-2007-0743

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.3.9 through 10.4.9

Description The issue allows local users to potentially obtain sensitive information, such as usernames and passwords, by listing processes. This is due to the URLMount feature passing credentials as command line arguments to the mount sub command.

Recommendations For Apple Mac OS X versions 10.3.9 through 10.4.9, consider restricting access to the mount sub command to minimize the risk of exploitation. As a temporary workaround, avoid using the URLMount feature for mounting filesystems on SMB servers until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.