Vulnerabilities > Apple > MAC OS X Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-12 | CVE-2009-0142 | Race Condition vulnerability in Apple mac OS X and mac OS X Server Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic." | 1.9 |
| 2008-09-16 | CVE-2008-2329 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window. | 1.9 |
| 2008-09-16 | CVE-2008-3619 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files. | 2.1 |
| 2008-09-11 | CVE-2008-3634 | Information Exposure vulnerability in Apple Itunes Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information. | 2.6 |
| 2008-06-02 | CVE-2008-1033 | Permissions, Privileges, and Access Controls vulnerability in Apple Cups The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables." | 2.1 |
| 2008-06-02 | CVE-2008-1578 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
| 2008-03-18 | CVE-2008-0993 | Information Exposure vulnerability in Apple Podcast Producer Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | 2.1 |
| 2008-03-18 | CVE-2008-0994 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
| 2008-03-18 | CVE-2008-0995 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
| 2008-03-18 | CVE-2008-0996 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. | 1.7 |