Mac OS X FileVault Discloses Passwords to Local Users in Certain Cases
|
|
SecurityTracker Alert ID: 1027024 |
|
SecurityTracker URL: http://securitytracker.com/id/1027024
|
|
CVE Reference: CVE-2012-0652
|
Updated: May 10 2012
|
Original Entry Date: May 6 2012
|
Impact:
Disclosure of authentication information
|
Fix Available: Yes
Vendor Confirmed: Yes
Exploit Included: Yes
|
Version(s): 10.7.3, in certain cases
|
Description:
A vulnerability was reported in Mac OS X. A local user can obtain passwords.
On systems that used FileVault encryption prior to OS X Lion (version 10.7.3) and have since been updated to OS X Lion version 10.7.3, user login passwords are stored in a log file in clear text. A local user with root or admin privileges can view the passwords.
FileVault 2 is not affected.
Terry Reeves and Tim Winningham of the Ohio State University, Markus 'Jaroneko' Raty of the Finnish Academy of Fine Arts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State University, and Paul Nelson reported this vulnerability.
|
Impact:
A local user with root or admin privileges can obtain user login passwords.
|
Solution:
The vendor has issued a fix (10.7.4).
The vendor's advisory will be available at:
http://support.apple.com/kb/HT1222
|
Vendor URL: www.apple.com/
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sun, 06 May 2012 22:56:33 +0000
Subject: Apple Mac OS X
|
http://cryptome.org/2012/05/apple-filevault-hole.htm
> Apple Legacy Filevault Hole