PT-2001-1337 · Apple · Macos 9

Published

2001-02-02

Updated

2021-09-22

CVE-2001-0102

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Mac OS 9

Description: The issue allows normal users to gain owner privileges by removing the Users & Groups Data File, effectively removing the owner password. This enables a normal user to log in as the owner account without a password.

Recommendations: For Mac OS 9, consider implementing access controls to prevent normal users from removing the Users & Groups Data File as a temporary workaround. Restrict access to the Users & Groups Data File to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0102

Affected Products

Macos 9

PT-2001-1337 · Apple · Macos 9

CVE-2001-0102

Related Identifiers

Affected Products

References · 3