9 lines
No EOL
874 B
Text
9 lines
No EOL
874 B
Text
source: https://www.securityfocus.com/bid/3213/info
|
|
|
|
Intego FileGuard is a commercial access control utility for Mac OS versions 7-9.1. It's functionality includes the ability to enforce privileges, log activities, manage user accounts, restrict access by time, etc.
|
|
|
|
Intego FileGuard provides system level access restrictions to versions of Mac OS that otherwise would not have such access controls. However, a vulnerability exists which allows a local user to circumvent those controls and elevate privileges. A weak algorithm is used to encrypt the stored passwords.
|
|
|
|
mSec has released a tool called Disengage which will attempt to decrypt passwords, provided circumstances exist which allow Disengage to work. Passwords for Intego DiskGuard may also be decrypted in this manner.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21076.sit |