BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Mac OS X Lion OpenLDAP Security Bypass

Disclosed July 25, 2011    Fully Patched

Vulnerability Description:

The OpenLDAP server in Mac OS X Lion contains a vulnerability that permits certain clients to log in using invalid usernames and invalid passwords.

Vendors:

Apple

Vulnerable Software/Devices:

Mac OS X Lion v10.7.1 and earlier

Vulnerability Severity:

High

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

  • BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
    • Retina 15395 - Apple Mac OS X Security Update 2011-006 and OS X 10.7.2 Update

Mitigation:

No reasonable mitigation exists.

Links:

CVE(s):

None