[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Authentication bypass vulnerability in apache httpd in Apple Mac OS X - CVE-2017-3167 (MAC OS X)

ID: oval:org.secpod.oval:def:42621Date: (C)2017-11-07   (M)2018-01-05
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.12
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X 10.13
Reference:
CVE-2017-3167
CVE    1
CVE-2017-3167
CPE    27
cpe:/a:apache:http_server:2.2.26
cpe:/a:apache:http_server:2.2.27
cpe:/a:apache:http_server:2.2.24
cpe:/a:apache:http_server:2.2.25
...

© 2013 SecPod Technologies