September 26, 2023
Mac OS X Lion Creates Serious LDAP Security Risk

Mac OS X Lion Creates Serious LDAP Security Risk

Posted August 29, 2011 at 10:59pm by iClarified · 9355 views
Mac OS X Lion is reportedly creating serious security risks for businesses that use LDAP for authentication, reports TheRegister. LDAP stands for Lightweight Directory Access Protocol and LDAP servers often contain repositories of highly sensitive enterprise data.

The LDAP breakdowns in Lion aren't well understood because Apple still hasn't admitted there's any problem. But according to threads here and here, it affects Macs running Lion that use LDAP to authenticate users to different desktop machines. After the initial login, Lion users can log in with any password. Apple's latest operating system, which was released last month, blindly accepts whatever pass code it's given.

"Even though we have Open Directory running now (snark snark), we use OpenLDAP for our datacenter access and for clients," writes a MacRumors forum member. "Simply having Lion installed is a security vulnerability, as any user who can access OD settings can connect to the datacenter as any other users. It's a HUGE hole."

Strangely, Apple has not repaired the issue in 10.7.1 and it's unclear if developer builds of Lion 10.7.2 have fixed the issue either.

"It's a pretty big deal for customers using LDAP as their authentication scheme, and it demonstrates that enterprise deployment scenarios are obviously not part of Apple's regression testing plan," Alex Stamos, a researcher at iSec Partners, told TheRegister. "Hopefully heavy coverage of these issues will lead Apple to invest security resources into improving the areas of OS X important to enterprise users, not just end consumers."

Read More

Mac OS X Lion Creates Serious LDAP Security Risk

Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
iClarified Icon
Would you like to be notified when we post a new Apple news article or tutorial?
You must login or register to add a comment...
Wind - September 12, 2011 at 4:31am
Yeah that's what I'm taklnig about baby--nice work!
purplemaize - August 30, 2011 at 3:39pm
I can do that on 10.6.8 nothing has changed, they said in the beginning that once you have a password you can not change it. Well I did, it is all how you know your operating system. You can also lock it back up again by making adjustments in system prefences. and you can also go into your harddrive check out which folder does not belong. You go to System then Library and if u see a folder from your old computer that is messing up your computer you delete. But make sure some of those file you don't need like passwords.
Recent. Read the latest Apple News.
Tutorials. Help is here.
Where to Download iPod touch Firmware Files From
Where to Download macOS Monterey
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.