CVE-1999-1077

Name of the Vulnerable Software and Affected Versions MacOS 9

Description The issue allows local attackers to bypass the password protection of idled sessions. This can be achieved via the programmer's switch or the CMD-PWR keyboard sequence, which brings up a debugger. The attacker can then use this debugger to disable the lock, effectively bypassing the password protection.

Recommendations For MacOS 9, as a temporary workaround, consider disabling the idle locking function until a more permanent solution is available. Restrict access to the debugger to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.