[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Authentication bypass vulnerability in apache httpd in Apple Mac OS X - CVE-2017-3167 (MAC OS X)

ID: oval:org.secpod.oval:def:42621Date: (C)2017-11-07   (M)2017-11-07
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.12
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X 10.13
Reference:
CVE-2017-3167
CVE    1
CVE-2017-3167
CPE    24
cpe:/a:apache:http_server:2.2.26
cpe:/a:apache:http_server:2.2.27
cpe:/a:apache:http_server:2.2.24
cpe:/a:apache:http_server:2.2.25
...

© 2013 SecPod Technologies