[Forgot Password]
Login  Register Subscribe

24003

 
 

131401

 
 

103942

 
 

909

 
 

84044

 
 

133

Paid content will be excluded from the download.


Download | Alert*
OVAL

Authentication bypass vulnerability in apache httpd in Apple Mac OS X - CVE-2017-3167 (MAC OS X)

ID: oval:org.secpod.oval:def:42621Date: (C)2017-11-07   (M)2018-01-05
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.12
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X 10.13
Reference:
CVE-2017-3167
CVE    1
CVE-2017-3167
CPE    27
cpe:/a:apache:http_server:2.2.11
cpe:/a:apache:http_server:2.2.12
cpe:/a:apache:http_server:2.2.15
cpe:/a:apache:http_server:2.2.13
...

© 2013 SecPod Technologies