2 matches found
CVE-2014-4446
Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator.
CVE-2014-4447
Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.