CVE-2014-4446

Currently unrated

Key Information:

Vendor: Apple
Status: Os X Server
Vendor: CVE Published:; 18 October 2014

Summary

Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator.

References

http://www.securitytracker.com/id/1031071

vdb-entryx_refsource_SECTRACK

http://archives.neohapsis.com/archives/bugtraq/2014-10/01...

vendor-advisoryx_refsource_APPLE

https://exchange.xforce.ibmcloud.com/vulnerabilities/97645

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 18, 2014
Vulnerability Reserved
Jun 20, 2014