Apple OS X Server Multiple Vulnerabilities
Last Update Date: 19 Sep 2013 12:17
Release Date: 19 Sep 2013
RISK: Medium Risk
TYPE: Operating Systems - Mac OS
Multiple vulnerabilities have been identified in Apple OS X Server, which can be exploited by malicious users to conduct brute force and script insertion attacks, bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
- Some errors exist due to bundled vulnerable versions of ClamAV and PostgreSQL.
- Certain input within the Wiki Server component is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious data is viewed.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Versions prior to 2.2.2
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Update to version 2.2.2.
Vulnerability Identifier
Source
Related Link