cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.
Max CVSS
4.3
EPSS Score
0.31%
Published
2012-05-11
Updated
2012-05-30
Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.
Max CVSS
4.4
EPSS Score
0.53%
Published
2010-11-15
Updated
2011-01-12
Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.
Max CVSS
6.8
EPSS Score
0.65%
Published
2010-09-21
Updated
2017-09-19
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.
Max CVSS
6.4
EPSS Score
0.10%
Published
2010-08-25
Updated
2010-08-26
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!