[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Multiple vulnerabilities in Apple Mac OS X - APPLE-SA-2017-10-31-8 (MAC OS X)

ID: oval:org.secpod.oval:def:42622Date: (C)2017-11-07   (M)2017-11-14
Class: PATCHFamily: macos




The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.12
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X 10.13
Reference:
APPLE-SA-2017-10-31-8
CVE-2017-13832
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
CVE-2017-9788
CVE-2017-9789
CVE-2017-13809
CVE-2017-13820
CVE-2017-13807
CVE-2017-13821
CVE-2017-13825
CVE-2017-13815
CVE-2017-13828
CVE-2017-13811
CVE-2017-13819
CVE-2017-13830
CVE-2017-13814
CVE-2017-13831
CVE-2017-13837
CVE-2017-13810
CVE-2017-13817
CVE-2017-13818
CVE-2017-13836
CVE-2017-13841
CVE-2017-13840
CVE-2017-13842
CVE-2017-13782
CVE-2017-13843
CVE-2017-13834
CVE-2017-13827
CVE-2017-13813
CVE-2017-13816
CVE-2017-13812
CVE-2017-13824
CVE-2017-13826
CVE-2017-13822
CVE-2017-13823
CVE-2017-13808
CVE-2017-13838
CVE-2017-13839
CVE-2016-4736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
CVE    12
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
...
CPE    33
cpe:/a:apache:http_server:2.2.0
cpe:/a:apache:http_server:2.2.3
cpe:/a:apache:http_server:2.2.2
cpe:/a:apache:http_server:2.2.26
...

© 2013 SecPod Technologies