Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
appleAppleAPPLE:HT207604
HistoryMar 28, 2017 - 4:58 a.m.

About the security content of macOS Server 5.3 - Apple Support

2017-03-2804:58:08
support.apple.com
10

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

About Apple security updates

For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Apple security documents reference vulnerabilities by CVE-ID when possible.

macOS Server 5.3

Released March 27, 2017

Profile Manager

Available for: macOS 10.12.4 and later

Impact: A remote user may be able to cause a denial-of-service

Description: A crafted request may cause a global cache to grow indefinitely, leading to a denial-of-service. This was addressed by not caching unknown MIME types.

CVE-2016-0751

Web Server

Available for: macOS 10.12.4 and later

Impact: A remote attacker may be able to cause a denial of service against the HTTP server via partial HTTP requests

Description: This issue was addressed by adding mod_reqtimeout.

CVE-2007-6750

Wiki Server

Available for: macOS 10.12.4 and later

Impact: A remote attacker may be able to enumerate users

Description: An access issue was addressed through improved permissions checking.

CVE-2017-2382: Maris Kocins of SEMTEXX LTD

CPENameOperatorVersion
macoseq10.12.4
macos serverlt5.3

Related

apple 1
openvas 18
nessus 18
hackerone 1
ibm 4
prion 3
f5 2
cve 3
debiancve 2
github 1
ubuntucve 2
osv 2
rubygems 1
suse 4
nmap 1
gentoo 1
fedora 3
redhat 3
freebsd 1
debian 2
oracle 1
apple
apple
About the security content of macOS Server 5.3
2017-03-27 00:00:00
openvas
openvas
Apple OS X Server Denial of Service And User Enumeration Vulnerabilities
2017-04-03 00:00:00
SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
2012-08-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0284-1)
2021-06-09 00:00:00
nessus
nessus
macOS : macOS Server < 5.3 Multiple Vulnerabilities
2017-03-31 00:00:00
F5 Networks BIG-IP : Slowloris denial-of-service attack vulnerability (K12636)
2017-02-28 00:00:00
openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)
2014-06-13 00:00:00
hackerone
hackerone
Tor: solving TOR vulnerability, in other to make bruteforce difficult
2017-09-14 14:11:07
ibm
ibm
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by a vulnerability in Apache (CVE-2007-6750)
2022-02-23 19:48:26
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM SONAS (CVE-2007-6750)
2018-06-18 00:08:32
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM Storwize V7000 Unified (CVE-2007-6750)
2018-06-18 00:08:33
prion
prion
Code injection
2011-12-27 18:55:00
Code injection
2017-04-02 01:59:00
Type confusion
2016-02-16 02:59:00
f5
f5
K12636 : Slowloris denial-of-service attack vulnerability CVE-2007-6750
2015-04-29 00:00:00
SOL12636 - Slowloris denial-of-service attack vulnerability CVE-2007-6750
2011-02-22 00:00:00
cve
cve
CVE-2007-6750
2011-12-27 18:55:00
CVE-2017-2382
2017-04-02 01:59:00
CVE-2016-0751
2016-02-16 02:59:00
debiancve
debiancve
CVE-2007-6750
2011-12-27 18:55:00
CVE-2016-0751
2016-02-16 02:59:00
github
github
actionpack is vulnerable to denial of service via a crafted HTTP Accept header
2017-10-24 18:33:35
ubuntucve
ubuntucve
CVE-2016-0751
2016-02-16 00:00:00
CVE-2007-6750
2011-12-27 00:00:00
osv
osv
actionpack is vulnerable to denial of service via a crafted HTTP Accept header
2017-10-24 18:33:35
ruby-actionpack-3.2 - security update
2016-08-28 00:00:00
rubygems
rubygems
Possible Object Leak and Denial of Service attack in Action Pack
2016-01-24 21:00:00
suse
suse
Security update for Apache2 (important)
2012-02-18 13:08:15
Security update for Apache2 (important)
2012-03-06 21:08:42
apache2: fixed various security bugs (important)
2012-02-28 18:08:26
nmap
nmap
http-slowloris-check NSE Script
2012-08-24 09:19:30
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2013-09-23 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: rubygem-actionpack-4.2.3-4.fc23
2016-02-28 12:29:15
[SECURITY] Fedora 22 Update: rubygem-actionpack-4.2.0-3.fc22
2016-02-28 08:31:04
[SECURITY] Fedora 22 Update: rubygem-activemodel-4.2.0-2.fc22
2016-02-28 08:31:04
redhat
redhat
(RHSA-2016:0455) Important: ruby193 security update
2016-03-15 00:00:00
(RHSA-2016:0296) Important: rh-ror41 security update
2016-02-24 00:00:00
(RHSA-2016:0454) Important: ror40 security update
2016-03-15 00:00:00
freebsd
freebsd
rails -- multiple vulnerabilities
2016-01-25 00:00:00
debian
debian
[SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update
2016-08-28 18:14:37
[SECURITY] [DSA 3464-1] rails security update
2016-01-31 18:43:51
oracle
oracle
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON
Related for APPLE:HT207604
apple1openvas18nessus18hackerone1ibm4prion3f52cve3debiancve2github1ubuntucve2osv2rubygems1suse4nmap1gentoo1fedora3redhat3freebsd1debian2oracle1