Mac OS X Server v10.6.5 (10H575)

Medium Nessus Plugin ID 50681


The remote host has an application that may be affected by an information disclosure vulnerability.


A memory aliasing issue in Dovecot's handling of user names in Mac OS X Server v10.6.5 may result in a user receiving mail intended for other users.

Note that this vulnerability arises only on Mac OS X Server systems when Dovecot is configured as a mail server.


Upgrade to Mac OS X Server v10.6.5 (10H575) or later.

See Also

Plugin Details

Severity: Medium

ID: 50681

File Name: macosx_server_10H575.nasl

Version: 1.6

Type: local

Agent: macosx

Published: 2010/11/22

Modified: 2017/05/30

Dependencies: 50680

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Host/uname, MacOSX/Server/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/11/15

Vulnerability Publication Date: 2010/11/15

Reference Information

CVE: CVE-2010-4011

BID: 44874

OSVDB: 69260