/>
X

Apple plugs Mac OS X information stealing hole

Apple has pushed out a Mac OS X security update to plug a security hole that allows access to shared folders without a valid password.
ryan-naraine.jpg
Written by Ryan Naraine on

Apple has pushed out a Mac OS X security update to plug a security hole that allows access to shared folders without a valid password.

The vulnerability, which can be exploited remotely, occurs because of an error handling issue in the AFP server, the company warned in a brief advisory.

The skinny:

  • CVE-2010-1820 (available for  Mac OS X v10.6.4 and Mac OS X Server v10.6.4)
    • An error handling issue exists in AFP Server. A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders. By default, File Sharing is not enabled. This issue does not affect systems prior to Mac OS X v10.6.

The patch is available via the Mac OS software update pane in System Preferences.

Related

A United Airlines pilot made a big speech to passengers. Not everyone will love it
screen-shot-2022-08-09-at-9-39-33-am.png

A United Airlines pilot made a big speech to passengers. Not everyone will love it

Business
Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
How to get Photoshop for free
photoshop free trial

How to get Photoshop for free

Photo & Video