PT-2006-5201 · Apple · Macos X
Patrick Gallagher · Published 2006-10-02 · Updated 2011-03-08 · CVE-2006-4397
CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Apple Mac OS X versions 10.4 through 10.4.7
Description
The issue is related to an unchecked error condition in the LoginWindow of Apple Mac OS X. This condition prevents Kerberos tickets from being destroyed if a user fails to log on to a network account from the login window. As a result, later users might be able to gain access to the original user's Kerberos tickets.
Recommendations
For Apple Mac OS X versions 10.4 through 10.4.7, consider updating to a version outside of this range to mitigate the risk of unauthorized access to Kerberos tickets. As a temporary workaround, restrict access to sensitive network resources to minimize the risk of exploitation.
Affected Products
Macos X