The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which uses cleartext HTTP session to read e-mail addresses. Successful exploitation could allow a privileged attacker to retrieve an user's email aliases.