Open Directory in Apple Mac OS X 10.6 prior to 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle malicious users to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.6.2 |
||
apple mac os x server 10.6.0 |
||
apple mac os x 10.6.1 |
||
apple mac os x 10.6.3 |
||
apple mac os x server 10.6.1 |
||
apple mac os x server 10.6.2 |
||
apple mac os x server 10.6.3 |
||
apple mac os x 10.6.0 |