94 matches found
Code injection
Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group, which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing...
Design/Logic Flaw
Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests...
CVE-2010-0521
Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests...
CVE-2010-0522
Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group, which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing...
Mac OS X Multiple Vulnerabilities (Security Update 2010-002)
The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-002 applied. This security update contains fixes for the following products: AppKit, Application Firewall, AFP Server, Apache, ClamAV, CoreTypes, CUPS, curl, Cyrus IMAP, Cyrus SASL, Disk...
Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.3. Mac OS X 10.6.3 contains security fixes for the following products: AFP Server, Apache, CoreAudio, CoreMedia, CoreTypes, CUPS, DesktopServices, Disk Images, Directory Services, Dovecot, Event Monitor, ...
Server: multiple XSS issues
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject...
Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities
The remote host is running the Red Hat or Fedora Directory Server Admin Service. The version of this software installed on the remote host is vulnerable to a remote command execution flaw through the argument 'admurl' of the script '/bin/admin/admin/bin/download'. A malicious user could exploit this fla...
CVE-2007-4588
CVE-2007-4588 : Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 allow remote attackers to inject arbitrary web script or HTML via PATH_INFO to index.php, and allow remote authenticated users to inject script...
CVE-2007-4588
Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users to inject arbitrary web script or...
CVE-2005-2510
CVE-2005-2510 affects Mac OS X 10.4–10.4.2: The Server Admin tool (servermgr_ipfilter) may fail to correctly write firewall rules to Active Rules when using multiple subnets and Address Groups, potentially resulting in policies that are less restrictive than intended. Impact is limited to local a...
CVE-2005-2510
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended ...
CVE-2005-1340
CVE-2005-1340 concerns the HTTP proxy service in Apple Mac OS X Server Admin (Mac OS X 10.3.9). The description in multiple sources states that the proxy does not restrict access when enabled, allowing remote users to misuse the proxy. Connected documents corroborate that this is a remote-access ...