Vulnerability Note VU#847468
Apple Workgroup Manager fails to properly enable ShadowHash passwords
Apple Workgroup Manager fails to properly enable ShadowHash passwords in a NetInfo parent. Workgroup Manager may appear to use ShadowHash passwords when crypt is used.
Workgroup Manager is a system adimistration tool in Apple Mac OS X Server that manages users, groups, and computers across a network. According to Apple Security Update 2006-006:
Workgroup Manager appears to allow switching authentication type from crypt to ShadowHash passwords in a NetInfo parent, when in actuality it does not.
Workgroup Manager may appear to use ShadowHash passwords when crypt is used.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer, Inc.||Affected||-||02 Oct 2006|
CVSS Metrics (Learn More)
This issue was reported in Apple Security Update 2006-006. Apple credits Chris Pepper of The Rockefeller University for reporting this issue.
This document was written by Chris Taschner.
- CVE IDs: CVE-2006-4399
- Date Public: 29 Sep 2006
- Date First Published: 02 Oct 2006
- Date Last Updated: 21 Nov 2006
- Document Revision: 10
If you have feedback, comments, or additional information about this vulnerability, please send us email.