Apple has responded to a Mac OS X vulnerability identified by security specialist, Secunia.
The vulnerability can lead to the "exposure of sensitive information" from a local network. It affects Mac OS X Server, and communication between OS X Macs and OS X Server.
Apple says: "A vulnerability has been identified in the LDAP (Lightweight Directory Access Protocol) implementation in Mac OS X allowing malicious people to sniff clear text passwords (unencrypted passwords).
"The problem occurs when [network authentication protocol] Kerberos is used for user authentication and LDAP to get user data. When an error occurs there will be a protocol fallback, sending username and password in clear text rather than using Kerberos," Secunia explains.
Apple has published a document that describes how to set systems up to prevent the problem.