Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
appleAppleAPPLE:HT207171
HistoryJan 23, 2017 - 5:30 a.m.

About the security content of macOS Server 5.2 - Apple Support

2017-01-2305:30:00
support.apple.com
7

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

About Apple security updates

For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Apple security documents reference vulnerabilities by CVE-ID when possible.

macOS Server 5.2

Released September 20, 2016

apache

Available for: macOS Sierra 10.12

Impact: A remote attacker may be able to proxy traffic through an arbitrary server

Description: An issue existed in the handling of the HTTP_PROXY environment variable. This issue was addressed by not setting the HTTP_PROXY environment variable from CGI.

CVE-2016-4694: Dominic Scheirlinck and Scott Geary of Vend

ServerDocs Server

Available for: macOS Sierra 10.12

Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm

Description: RC4 was removed as a supported cipher.

CVE-2016-4754: Pepi Zawodsky

CPENameOperatorVersion
macos serverlt5.2
macos sierraeq10.12

Related

apple 3
nessus 3
prion 2
cve 2
threatpost 1
ubuntucve 1
openvas 1
apple
apple
About the security content of macOS Server 5.2
2016-09-20 00:00:00
About the security content of macOS Sierra 10.12
2016-09-20 00:00:00
About the security content of macOS Sierra 10.12 - Apple Support
2017-01-23 05:36:06
nessus
nessus
macOS : macOS Server < 5.2 Multiple Vulnerabilities (httpoxy)
2016-09-30 00:00:00
Mac OS X 10.x < 10.12 Multiple Vulnerabilities
2016-10-21 00:00:00
macOS < 10.12 Multiple Vulnerabilities
2016-09-23 00:00:00
prion
prion
Code injection
2016-09-25 10:59:00
Design/Logic Flaw
2016-09-25 10:59:00
cve
cve
CVE-2016-4754
2016-09-25 10:59:00
CVE-2016-4694
2016-09-25 10:59:00
threatpost
threatpost
Apple Squashes 68 Security Bugs With Sierra Release
2016-09-20 17:14:52
ubuntucve
ubuntucve
CVE-2016-4694
2016-09-25 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Sep 2016)
2016-09-28 00:00:00

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for APPLE:HT207171
apple3nessus3prion2cve2threatpost1ubuntucve1openvas1