Craig Courtney

**Name of the Vulnerable Software and Affected Versions** Apple OS X Server versions prior to 4.0 **Description** The issue concerns the Mail Service in Apple OS X Server, where it fails to enforce SACL changes immediately, allowing remote authenticated users to bypass intended access restrictions under certain circumstances. This can occur when an administrator makes a change, and the service has not been restarted. **Recommendations** For Apple OS X Server versions prior to 4.0, update to version 4.0 or later to resolve the issue. As a temporary workaround, consider restarting the Mail Service after any SACL changes are made by an administrator to ensure the changes are enforced.