Vulnerability Note VU#177243

Mac OS X Finder creates world-readable ".FBCIndex" file thereby disclosing sensitive information

Original Release date: 05 Aug 2002 | Last revised: 28 Mar 2005

Overview

Mac OS X's Find-By-Content indexing may store file data where it can be served to remote users by Apache.

Description

The Find-By-Content feature of Mac OS X generates indexing data from the contents of files in each directory. It then stores the indexing data for each directory in a hidden yet world-readable file named ".FBCIndex" within the same directory. If files in a directory served by the Apache Web server are indexed, the hidden index data file will be stored in the same directory where it can be viewed by remote users via HTTP.

Impact

Users may not be aware that their potentially sensitive file data is being indexed and stored where it can be served by Apache to the public.

Solution

The CERT/CC is currently unaware of a practical solution to this problem.

Turn off Find-By-Content indexing in Mac OS X.

Use Unix file permissions or Apache run-time configuration directives to limit access to the hidden index data file.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Apple Computer Inc.Affected19 Oct 200128 Mar 2005
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Eric Bennett for discovering this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

  • CVE IDs: Unknown
  • Date Public: 10 Sep 2001
  • Date First Published: 05 Aug 2002
  • Date Last Updated: 28 Mar 2005
  • Severity Metric: 11.25
  • Document Revision: 22

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.