Privilege Escalation via Users & Groups Data File Removal in Mac OS 9

Privilege Escalation via Users & Groups Data File Removal in Mac OS 9

CVE-2001-0102 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.

Learn more about our User Device Pen Test.