SecurityTracker.com

SecurityTracker
Archives


Category:   Application (Generic)  >   Nidump
Vendors:   Apple Computer
Mac OS X Nidump Network Information Utility Discloses Password File to Any Local User
SecurityTracker Alert ID:  1001946
SecurityTracker URL:  http://securitytracker.com/id/1001946
CVE Reference:   CVE-2001-1412
Updated:  Jan 22 2008
Original Entry Date:  Jul 8 2001
Impact:   Disclosure of system information


Description:   A vulnerability has been reported in the Nidump network information utility for Mac OS X. The security hole allows local users to obtain the contents of the password file.

It is reported that the default installation of nidump, the Mac OS X data extraction program, allows local users to read the Mac OS X password file with the following command: /usr/bin/nidump passwd .

A local user can reportedly obtain read access to another file that may contain account information (/var/backups/local.nidump).

The nidump vulnerability allows local users who are not authorized to read the password file to do so. By itself, this does not give the local user the plaintext passwords, but it does allow the user to attempt to crack the password hashes of all user accounts, including the root account.

Impact:   Any local user can obtain the contents of the password file.
Solution:   No vendor solution was available at the time of this entry. The report provides a workaround that restricts who may run the Nidump application by changing its permissions (chmod 550 /usr/bin/nidump).
Vendor URL:  www.apple.com/
Cause:   Access control error
Underlying OS:   MacOS
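A defender's check for the permission workaround above, added here and not part of the advisory, the SecureMac report, or Apple's tooling: it reads the symbolic mode of the two paths the advisory names and reports whether users outside the owner and group can still reach them. The function names and the use of `ls -ld` (whose first field is the same on Mac OS X and Linux, unlike the flags of stat(1)) are this example's own choices.

```shell
#!/bin/sh
# Added audit script (not from the advisory or from Apple): verifies that the
# workaround "chmod 550 /usr/bin/nidump" is in place and that the backup file
# named in the advisory is not readable by arbitrary local users.

# Print the 10-character symbolic mode (e.g. -rwxr-xr-x) of a path.
# Returns 1 and prints nothing if the path does not exist.
mode_string() {
    [ -e "$1" ] || return 1
    ls -ld "$1" | cut -c1-10
}

# Return 0 (true) if the "others" triplet of a symbolic mode grants any of
# read, write or execute, i.e. every local user can reach the file.
others_have_access() {
    case "$(printf '%s' "$1" | cut -c8-10)" in
        ---) return 1 ;;
        *)   return 0 ;;
    esac
}

# Audit one path. Returns 0 when the file is absent or locked down to its
# owner and group, 1 when users outside those can still access it.
audit_path() {
    mode=$(mode_string "$1") || { echo "absent: $1"; return 0; }
    if others_have_access "$mode"; then
        echo "EXPOSED: $1 ($mode) is accessible to all local users"
        return 1
    fi
    echo "ok: $1 ($mode)"
    return 0
}

# Check both files the advisory mentions; non-zero exit if either is exposed.
audit_nidump() {
    rc=0
    audit_path /usr/bin/nidump || rc=1
    audit_path /var/backups/local.nidump || rc=1
    return $rc
}
```

Run `audit_nidump` on the host after applying the workaround; a mode of `-r-xr-x---` on /usr/bin/nidump is reported as ok, while the default world-executable mode is reported as EXPOSED.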

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 30 2003 (Apple Issues Fix) Mac OS X Nidump Network Information Utility Discloses Password File to Any Local User   (Product Security <product-security@apple.com>)
Apple has released a fix for Mac OS X.



 Source Message Contents

Date:  6 Jul 2001 06:17:22 -0000
Subject:  Macintosh Security News 05.07.2k1


securemac - http://www.securemac.com/


SecureMac.com 07.06.2001

Mac OS X SSH Helper is a program to help you manage your Mac OS X OpenSSH
keys and data files. 

The Mac OS X data extraction utility "nidump" has caused some security
concerns: with one simple command any user can obtain the passwd file hashes
and run a brute-force crack on them to retrieve all user account passwords,
including the root account. Learn more about nidump's security concerns and
how to fix the problem @ SecureMac.com

Sams Publishing's Maximum Security 3rd Edition has just been released; this
book is highly recommended for everyone from beginners to experts. The
book covers all aspects of computer security, from Windows and NT to, of
course, Macintosh! Learn more about computer security and ways to keep your
system secure. The chapter on Macintosh security was revised by Nicholas
(aka Freaky) of SecureMac.com and Freaks Mac Archives.

SecureMac.com




Copyright 2013, SecurityGlobal.net LLC