Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability

Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability

Apple Mac OS X is prone to a security-bypass vulnerability related to the 'hosts.equiv' configuration file.

Attackers may be able to exploit this issue to log in as the root user via 'rlogind' without proper authentication from specific trusted hosts.

NOTE: This issue was previously covered in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities) but has been given its own record to better document this vulnerability.