Network Access Bypass in Apple OS X Server Firewall Configuration
CVE-2015-1150

Currently unrated

Key Information:

Vendor
Apple
Status
Os X Server
Vendor
CVE Published:
28 April 2015

Summary

The Firewall component in OS X Server prior to version 4.1 contains a flaw in its configuration files, where an incorrect pathname is utilized. This flaw allows remote attackers to effectively bypass intended network-access restrictions, thereby enabling them to send specific packets that should have been blocked by custom rules. The error in the firewall's configuration can have serious implications for system integrity and security.

References

https://support.apple.com/HT204201
x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2015/Ap...
vendor-advisoryx_refsource_APPLE
http://www.securitytracker.com/id/1032197
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2015-1150 : Network Access Bypass in Apple OS X Server Firewall Configuration | SecurityVulnerability.io