Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability

From: ph0enix <ph0enix () justonemorething org>
Date: Thu, 19 May 2005 08:36:10 +0200
Date: May 19, 2005
Description: OSX 10.4 Dashboard Permits Hijacking of Authenticated Credentials 

This issue is known since 2005-05-09 and OSVDB had an entry already:
http://www.osvdb.org/16499


Versions Affected:
OSX 10.4.0
OSX 10.4.1
10.4.1 doesn't seem to be vulnerable. Could you please show how do you exploit this when the option in Safari is turned on? 


www.osvdb.org -- everything is vulnerable.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: