Apple Mac OS X Server 10.0 Overload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GE...

Apple iOS Libinfo组件信息泄露漏洞

BUGTRAQ ID: 50641 CVE ID: CVE-2011-3441 Apple iOS是运行在苹果iPhone和iPod touch设备上的最新的操作系统。 Apple iOS在实现上存在信息泄露漏洞，攻击者可利用此漏洞获取敏感信息，此漏洞影响Libinfo组件。 0 Apple MacOS X Server 10.x Apple iOS 4.x Apple iOS 3.x 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://support.apple.com/...

Apple Mac OS X CoreMedia H.264编码视频文件缓冲区溢出漏洞

BUGTRAQ ID: 50068 CVE ID: CVE-2011-3219 Mac OS X是苹果家族机器所使用的操作系统。 Apple Mac OS X在实现上存在缓冲区溢出漏洞，此漏洞可影响CoreMedia组件，允许攻击者以当前用户权限执行任意代码。 当解析H.264流的Sequence Parameter Set数据时，会读取帧剪裁偏移字段，当这些字段包含错误数据时，Quicktime会最终在视频流所分配的缓冲区之外写入，造成任意代码执行。 Apple Mac OS X 10.x Apple MacOS X Server 10.6.x 厂商补丁： Apple -----...

Apple Mac OS X Keychain证书设置安全限制绕过漏洞

BUGTRAQ ID: 49429 Mac OS X是苹果麦金塔Macintosh电脑之操作系统软件的总称。 Mac OS X在Keychain证书的设置上存在安全限制绕过漏洞，远程攻击者可利用此漏洞通过中间人攻击绕过Keychain安全设置。 即使用户已经把Keychain Access中的根CA信任设置标注为“Never Trust”，Mac OS X操作系统也会接受Extended Validation证书为有效。 Apple Mac OS X 10.6.x Apple MacOS X Server 10.6.x 厂商补丁： Apple -----...

Apple Mobile Safari for iOS 4.2.1远程代码执行漏洞

BUGTRAQ ID: 46832 CVE ID: CVE-2011-1417 Safari是苹果计算机的最新作业系统Mac OS X中的浏览器，使用了KDE的KHTML作为浏览器的运算核心。 Apple Mobile Safari for iOS 4.2.1在实现上存在远程代码执行漏洞，远程攻击者可利用这些漏洞在浏览器中执行任意代码或造成拒绝服务攻击。 此漏洞源于对解析office文件的支持中。在处理OfficeArtMetafileHeader时，进程信任了cbSize字段，并在分配前对其执行了算法。结果没有检查溢出，后续分配就过小。稍后复制到此缓冲区时，内存可能会崩溃导致任意代码执...

Apple Mac OS X 2008-002更新修复多个安全漏洞

BUGTRAQ ID: 28304 CVECAN ID:...

CORE-2008-0123: Leopard Server Remote Path Traversal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Leopard Server Remote Path Traversal Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Advisory URL:...

Apple CFNetwork HTTP空指针引用拒绝服务漏洞

BUGTRAQ ID: 22249 CVECAN ID: CVE-2007-0464 Apple Mac OS X是苹果家族机器所使用的操作系统。 Mac OS X的CFNetwork处理畸形回应数据时存在漏洞，远程攻击者可能利用此漏洞导致客户端崩溃。 CFNetwork是一个Core Services框架，可提供解压网络协议所需的函数库。Mac OS X的CFNetwork没有正确地处理某些HTTP响应，CFNetConnectionWillEnqueueRequests函数可能会引用空指针。如果服务器向使用这个API的客户端发送了特制响应的话，就可以触发这个漏洞，导致拒绝服务的情况。...

Default Password (12345678) for 'root' Account on MacOS X Server

Nessus was able to login to the remote host using the following credentials : Username : root Password : 12345678 On older Macintosh computers, Mac OS X server is configured with this default account on newer computers, the serial number of the system is used instead. C Tenable Network Security,...

macos.x.server.cgi.txt

Date: Thu, 3 Jun 1999 19:35:58 +0200 From: Juergen Schmidt To: [email protected] Subject: MacOS X system panic with CGI Hello all, when doing performance tests with different web servers, I found, that MacOS X Server running apache crashed under medium load, when I was calling CGI-scripts. It...

Apple Mac OSX Server 10.0 - Overload

Apple Mac OSX Server 10.0 - Overload source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP...

Apple Mac OSX Server 10.0 - Overload

source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loo...