Pen Tester is Saying: Mac OS X Lion's LDAP Server Is Vulnerable


New reports have shed light into the shocking ‘fact’ that the iPhone maker Apple Inc.’s latest version of the Mac OS X is plagued by some grave security risks, particularly for businesses which use it to communicate with a particular form of centralised network.
According to the reports, almost anyone who logs in to the Mac OS X 10.7, more popularly known as Lion, get instant access to restricted resources by typing in any random passwords with the help of the massively popular authentication technology LDAP.
LDAP (which stands for Lightweight Directory Access Protocol) servers, in simple words, are basically used for storing repositories of important enterprise data, mostly sensitive. Needless to say, for the same set of reasons, these servers more often than not, attract hackers who simply cannot resist the temptation of the forbidden ‘wealth’ contained by them.

“As pen testers, one of the first things we do is attack the LDAP server,”
Rob Graham, CEO of auditing firm Errata Security, said in a statement, The Register reports.
“Once we own an LDAP server we own everything. I can walk up to any laptop (in an organization) and log into it,” he added.
The issue was reported on July 25th, still the OS was released without any resolution resolution for the issue. The previous update i.e. Apple's 10.7.1 update didn't have the fix either.
 
-News Source (IT Protocol)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Categories: ,

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...