Apple At Ease Vulnerability

Log in as any user that has access to Netscape Communicator, and type in
file://Macintosh%20HD/System%20Folder/
and you are able to access the disk.

Do the same thing, except use
file://At%20Ease%20Volume%20Name/At%20Ease%20%Docs/username
and it's quite easy to browse through anyone's files.

It is possible to download files from that user's directory. I have been unable to actually open any of the files once they are downloaded; however, in an educational setting, just viewing names in a certain directory could constitute some serious problems (such as if a teacher works with Special Education students, and has a list of documents to their parents).
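
An added example, not part of the original advisory: a review check that flags file:// URLs reaching outside the logged-in user's own documents folder. It assumes a browser history exported as (user, URL) pairs and the volume and folder names shown in the URLs above; the function names, user names and sample entries are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

# Assumed layout, copied from the advisory's second URL; substitute local names.
DOCS_VOLUME = "At Ease Volume Name"
DOCS_FOLDER = "At Ease Docs"

def file_url_segments(url):
    """Decoded path segments of a file:// URL, or None for any other scheme."""
    parts = urlsplit(url.strip())
    if parts.scheme != "file":
        return None
    # The advisory's URLs carry the volume name in the host position,
    # so host and path are joined before splitting.
    raw = parts.netloc + parts.path
    # Split first, decode second, so an escaped "/" cannot add a segment.
    return [unquote(seg) for seg in raw.split("/") if seg]

def is_outside_own_docs(url, username):
    """True when a file:// URL targets anything but the user's own folder."""
    segs = file_url_segments(url)
    if segs is None:
        return False  # not a local-file URL, out of scope here
    if any(s in (".", "..") or ":" in s for s in segs):
        return True   # do not try to resolve traversal or HFS ':' separators
    own = [DOCS_VOLUME, DOCS_FOLDER, username]
    # HFS names are case-insensitive, so compare lower-cased.
    return [s.lower() for s in segs[:3]] != [s.lower() for s in own]

def audit_history(entries):
    """entries: (logged_in_user, url) pairs. Returns the pairs to review."""
    return [(user, url) for user, url in entries if is_outside_own_docs(url, user)]

# Constructed sample data; user names and the http URL are made up.
SAMPLE_HISTORY = [
    ("student1", "http://www.example.com/index.html"),
    ("student1", "file://Macintosh%20HD/System%20Folder/"),
    ("student1", "file://At%20Ease%20Volume%20Name/At%20Ease%20Docs/student1/essay"),
    ("student1", "file://At%20Ease%20Volume%20Name/At%20Ease%20Docs/teacher1"),
    ("student1", "file://At%20Ease%20Volume%20Name/At%20Ease%20%Docs/teacher1"),
]

if __name__ == "__main__":
    for user, url in audit_history(SAMPLE_HISTORY):
        print(f"REVIEW {user}: {url}")
```

The malformed escape in the advisory's second URL decodes to a literal "%Docs", so that form never matches the user's own folder and is flagged as well.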


 

Copyright 2010, SecurityFocus