CVE-2001-1412
macOS X < 10.3 - Unauthenticated Password File Read via nidump passwd Argument
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-1412. PoCs published by Steven Kreuzer.
AI-analyzed exploit summary This is a writeup describing a vulnerability in MacOS X where the `nidump` utility can be used to extract sensitive information, including passwords, from the NetInfo database. The issue arises due to improper file permissions and can be exploited remotely if certain conditions are met.
Description
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.
Exploits (1)
This is a writeup describing a vulnerability in MacOS X where the `nidump` utility can be used to extract sensitive information, including passwords, from the NetInfo database. The issue arises due to improper file permissions and can be exploited remotely if certain conditions are met.