The default configuration of Mail.app in Mac OS X 10.0 up to and including 10.0.4 and 10.1 up to and including 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote malicious users to obtain passwords by sniffing network traffic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.0 |
||
apple mac os x 10.1.2 |
||
apple mac os x 10.1.4 |
||
apple mac os x 10.1.5 |
||
apple mac os x 10.0.2 |
||
apple mac os x 10.0.3 |
||
apple mac os x 10.0.4 |
||
apple mac os x 10.1 |
||
apple mac os x 10.0.1 |
||
apple mac os x 10.1.1 |
||
apple mac os x 10.1.3 |