CVE-2010-1820

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.6.x through 10.6.4

Description The issue is related to the Apple Filing Protocol (AFP) Server, which does not properly handle errors. This allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.

Recommendations For Apple Mac OS X versions 10.6.x through 10.6.4, consider restricting access to shared folders until a fix is available. As a temporary workaround, limit the use of the AFP Server to minimize the risk of exploitation.