Apple » Mac Os X Server » 10.5 : Security Vulnerabilities, CVEs, Published In 2008 (Information Leak)
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file operation issue."
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-09-16
Updated
2017-08-08
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
Max CVSS
1.9
EPSS Score
0.07%
Published
2008-09-16
Updated
2017-08-08
Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog.
Max CVSS
5.0
EPSS Score
0.71%
Published
2008-06-02
Updated
2017-08-08
The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-06-02
Updated
2017-08-08
4 vulnerabilities found