Skip to content

September 23, 2010

Mac OS X Security Update 2010-006 (AFP)

Apple this week released Security Update 2010-006 to patch a vulnerability in Apple Filing Protocol (AFP) – also known as File Sharing – which could allow an attacker to gain access to shared folders without a password. This only affects Mac OS X 10.6, Mac OS X Server 10.6, and File Sharing is disabled by default.

  • AFPCVE-ID: CVE-2010-1820

    Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: A remote attacker may access AFP shared folders without a valid password

    Description: An error handling issue exists in AFP Server. A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders. By default, File Sharing is not enabled. This issue does not affect systems prior to Mac OS X v10.6. Credit to Pike School in Massachusetts for reporting this issue.

Related posts:

  1. Java Security Updates for Leopard and Snow Leopard
  2. Safari Errorjacking Vulnerability and Exploit [Patched]
  3. Security Update 2011-005 Fixes DigiNotar SSL Vulnerability
  4. Apple Releases Safari 5.0.3 and 4.1.3
  5. Mac OS X 10.6.7 and Security Update 2011-001
Read more from Security, Mac OS X, Updates
, , , , , , ,

Share your thoughts, post a comment.

(required)
(required)

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

css.php