CVE-2009-2201

Currently unrated

Key Information:

Vendor: Apple
Status: Xsan
Vendor: CVE Published:; 15 September 2009

Summary

The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/53232

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/36385

vdb-entryx_refsource_BID

http://osvdb.org/58133

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Sep 15, 2009
Vulnerability Reserved
Jun 24, 2009