|
Mac OS X Security Update for Apache and dsimportexport
|
|
Secunia Advisory:
|
SA9025
|
|
|
Release Date:
|
2003-06-13
|
|
Popularity:
|
11,694 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
Exposure of sensitive information
Exposure of system information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Apple Macintosh OS X
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2003-0245
CVE-2003-0420
|
|
Description:
Apple has issued a Security Update for Mac OS X Server, which fixes two vulnerabilities.
A vulnerability in the "mod_dav" module in Apache 2.x can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. Other vendors have reported that successful exploitation of this vulnerability also could result in system compromise.
NOTE: Apache 2.x is not the default web server for Mac OS X Server.
For more information:
http://secunia.com/advisories/8881/
The Security Update also fixes a vulnerability in the tool "dsimportexport". Exploitation of this vulnerability could allow a malicious, authenticated user to gain knowledge of the name and password of the account, which the tool is running as.
Solution:
The Security Update is available via "Software Update".
It can also be downloaded at:
http://docs.info.apple.com/article2.html?artnum=120215
Original Advisory:
http://docs.info.apple.com/article2.html?artnum=120215
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
