|
Family: MacOS X Local Security Checks --> Category: infos
Mac OS X < 10.4 Vulnerability Scan
Vulnerability Scan Summary Check for the version of Mac OS X
Detailed Explanation for this Vulnerability Test
The remote host is running a version of Mac OS X which is older than
version 10.4.
Versions older than 10.4 contain a security issue in the way they handle
the permissions of pseudo terminals.
When an application uses a new pseudo terminal, it can not restrict its
permissions to a safe mode. As a result, every created pseudo terminal
has permissions 0666 set, which allows a local attacker to sniff the session
of other users.
Solution : Upgrade to Mac OS X
See also : http://www.securityfocus.com/archive/1/397306
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|