Computer Security
[EN] securityvulns.ru no-pyccku


Mac OS X insecure system update
Published:18.12.2007
Source:
SecurityVulns ID:8462
Type:m-i-t-m
Threat Level:
6/10
Description:Insecure uncrypted/unsigned protocol is used for system update.
Affected:APPLE : MacOS X 10.4
CVE:CVE-2007-5863 (Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.)
Original documentdocumentMoritz Jodeit, Apple OS X Software Update Remote Command Execution (18.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod