5 matches found
CVE-2013-0966
The Apple modhfsapple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI...
APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001 OS X Mountain Lion v10.8.3 and Security Update 2013-001 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...
Apple Mac OS X 身份验证绕过漏洞
BUGTRAQ ID: 58513 CVECAN ID: CVE-2013-0966 Apple Mac OS X是苹果电脑操作系统软件。 Apple Mac OS X 10.8.3之前版本Apache HTTP Server的Apple modhfsapple模块,没有正确处理忽略的Unicode字符,通过URI内的特制路径名,攻击者可利用此漏洞绕过目录身份验证。 0 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X Server...
CVE-2013-0966
CVE-2013-0966 affects Apple’s mod_hfs_apple module for the Apache HTTP Server on Mac OS X prior to 10.8.3. The root cause is improper handling of ignorable Unicode characters in URIs, enabling a remote attacker to bypass the intended HTTP authentication by crafting a URI pathname. Public details ...
CVE-2013-0966
The Apple modhfsapple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI...