# Mac OS X AFP man-in-the-middle attack: Feb 27



## eddie5659 (Mar 19, 2001)

Hiya

Mac OS X could allow a remote attacker to obtain sensitive information, caused by a vulnerability in the Apple Filing Protocol (AFP). AFP may transfer authentication credentials in plain text. A remote attacker could perform a man-in-the-middle attack to capture this information and gain unauthorized access to the server.

Platforms Affected:

Apple Computer, Inc. Mac OS X Any version 
Apple Computer, Inc. Mac OS X Server Any version 
Remedy:

No remedy available as of February 2004.

Consequences:

Obtain Information

http://xforce.iss.net/xforce/xfdb/15338

Regards

eddie


----------

