|
|
|
Vulnerability Note VU#847468Apple Workgroup Manager fails to properly enable ShadowHash passwordsOverviewApple Workgroup Manager fails to properly enable ShadowHash passwords in a NetInfo parent. Workgroup Manager may appear to use ShadowHash passwords when crypt is used.I. DescriptionWorkgroup Manager is a system adimistration tool in Apple Mac OS X Server that manages users, groups, and computers across a network. According to Apple Security Update 2006-006:Workgroup Manager appears to allow switching authentication type from crypt to ShadowHash passwords in a NetInfo parent, when in actuality it does not. II. ImpactWorkgroup Manager may appear to use ShadowHash passwords when crypt is used.III. SolutionUpgradeApple has addressed this issue in Apple Security Update 2006-006.
References
This issue was reported in Apple Security Update 2006-006. Apple credits Chris Pepper of The Rockefeller University for reporting this issue. This document was written by Chris Taschner.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
|||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||
Get Adobe Reader