Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.
Max CVSS
4.4
EPSS Score
0.53%
Published
2010-11-15
Updated
2011-01-12
Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.
Max CVSS
6.8
EPSS Score
0.65%
Published
2010-09-21
Updated
2017-09-19
Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests.
Max CVSS
5.0
EPSS Score
0.19%
Published
2010-03-30
Updated
2010-06-21
Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2010-03-30
Updated
2010-03-31
4 vulnerabilities found