[Full-disclosure] Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
ph0enix
ph0enix at justonemorething.org
Thu May 19 07:36:10 BST 2005
> Date: May 19, 2005
> Description: OSX 10.4 Dashboard Permits Hijacking of Authenticated
> Credentials
This issue is known since 2005-05-09 and OSVDB had an entry already:
http://www.osvdb.org/16499
> Versions Affected:
> OSX 10.4.0
> OSX 10.4.1
10.4.1 doesn't seem to be vulnerable. Could you please show how do
you exploit this when the option in Safari is turned on?
www.osvdb.org -- everything is vulnerable.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050519/b5d7ef01/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.