Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group, which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html | Vendor Advisory |
http://support.apple.com/kb/HT4077 | Patch Vendor Advisory |
Configurations
Information
Published : 2010-03-30 11:30
Updated : 2010-06-20 21:00
NVD link : CVE-2010-0522
Mitre link : CVE-2010-0522
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
apple
- mac_os_x_server