Patrick Dunstan

Researcher fromdefenseindepth.net
#30470of 53,633
8.6Total CVSS
Vulnerabilities · 2
Low
1
Medium
1
PT-2011-4457
2.1
2011-10-14
Apple · Macos X · CVE-2011-3435
**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X versions prior to 10.7.2 **Description** The issue allows local users to read the password data of arbitrary users via unspecified vectors. **Recommendations** For Apple Mac OS X versions prior to 10.7.2, update to version 10.7.2 or later to resolve the issue.
PT-2011-4458
6.5
2011-10-14
Apple · Macos X · CVE-2011-3436
**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X versions 10.7 through 10.7.1 **Description** The issue allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation, as the Open Directory does not require the current password to be provided before changing it. **Recommendations** For Apple Mac OS X versions 10.7 through 10.7.1, update to version 10.7.2 or later to resolve the issue.