PT-2010-2279 · Apple · Open Directory+2

Mathias Haack

Published

2010-03-30

Updated

2010-06-21

CVE-2010-0521

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apple Mac OS X Server versions prior to 10.6.3

Description The issue concerns improper authentication enforcement for directory binding in Server Admin, allowing remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests.

Recommendations For versions prior to 10.6.3, update to version 10.6.3 or later to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2010-0521

Affected Products

Macos X Server

Open Directory

Server Admin

PT-2010-2279 · Apple · Open Directory+2

CVE-2010-0521

Weakness Enumeration

Related Identifiers

Affected Products

References · 3