New (local) Mac OS X vulnerability : Passwords in Swap files
this posting on BugTraq. Apparently, swap files in Mac OS X (as of 10.3.4) contain user passwords in clear text.
Run the following on your Mac OS X box to see if you can find your passwords stored in clear text:
sudo strings -8 /var/vm/swapfile0 |grep -A 4 -i longname
At first, this 'vulnerability' may not seem like such a big deal. After all, the swap files are only readable by root. However, a system administrator should not have it so easy if he or she would want to obtain user passwords. Passwords should never be stored in clear text _anywhere_. A malicious trojan with root privileges can now steal user password in clear text, and many users use same passwords for other accounts, so this is a big deal. In addition, Keychain passwords are also apparently stored in clear text within the swap files (I haven't tested this). I hope Apple fixes this soon!
Nitesh Dhanjani is a well known security researcher, author, and speaker. Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.
Comments on this weblog
1 to 16 of 16
2004-06-28 08:03:00 timharig [View]
2004-06-28 07:02:28 [View]
2004-06-28 06:42:08 mp_nl [View]
2004-06-28 05:11:05 cool_fritz [View]
2004-06-28 03:03:24 email@example.com [View]
2004-06-27 23:20:12 recusant [View]
2004-06-27 22:34:34 James Elliott | [View]
2004-06-27 22:25:00 jaccorens [View]
2004-06-27 21:06:52 dtrickey [View]
2004-06-27 21:02:37 dtrickey [View]
2004-06-27 20:30:43 greenergrad [View]
1 to 16 of 16
Return to weblogs.oreilly.com.