Symlink Attack Vulnerability in Mac OS X Directory Services

CVE-2005-2714 · MEDIUM Severity

AV:L/AC:L/AU:S/C:C/I:C/A:C

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.

Learn more about our User Device Pen Test.