Vulnerability Note VU#897628
Apple Mac OS X may allow network accounts to bypass service access controls
Apple Mac OS X may allow network accounts to bypass service access controls. This vulnerability may allow remote users with a valid network account to bypass LoginWindow service access controls.
Remote access to a system can be restricted by service access controls via LoginWindow. According to Apple Security Update 2006-006:
A logic error in loginwindow allows network accounts without GUIDs to bypass service access controls.
This vulnerability may allow remote users with a valid network account to bypass LoginWindow service access controls.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer, Inc.||Affected||-||02 Oct 2006|
CVSS Metrics (Learn More)
This issue was reported in Apple Security Update 2006-006.
This document was written by Chris Taschner.
- CVE IDs: CVE-2006-4394
- Date Public: 29 Sep 2006
- Date First Published: 02 Oct 2006
- Date Last Updated: 02 Oct 2006
- Severity Metric: 2.76
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.