Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability

Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability

Apple Mac OS X Server Weblog is prone to a security-bypass vulnerability because it may fail to properly save ACLs (Access Control Lists) in certain cases.

Attackers can exploit this issue to bypass ACL restrictions to perform unauthorized actions with the application.

Mac OS X Server 10.4 through 10.4.11 is vulnerable to this issue.

NOTE: This issue was previously covered in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities) but has been given its own record to better document this vulnerability.