PT-2006-4370 · Apple · Macos X+1
Published
2006-08-02
·
Updated
2017-07-20
·
CVE-2006-3495
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple Mac OS X versions 10.3.9 through 10.4.7
Description
The issue allows local users to obtain reconnect keys stored in a world-readable file by the AFP Server, enabling them to access files and folders of other users.
Recommendations
For Apple Mac OS X versions 10.3.9 through 10.4.7, consider restricting access to the world-readable file used by the AFP Server to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Afp Server
Macos X