Apple patches two Mac server holes

By Robert Lemos
Staff Writer, CNET News

Apple Computer warned users on Monday that security vulnerabilities had been found in the file-sharing server software and the directory-services software that are provided with the Mac OS X Server operating system.

When the server shares files that use the network file system (NFS) or the Unix file system (UFS) through the Apple File Service, a flaw could allow a remote user to overwrite arbitrary files, the Cupertino, Calif.-based company said. When logging into the server's directory services, the software could send the password in clear text, not encrypted, as it should do. Apple released a patch for the software, available on its Web site.

Latest tech news headlines

Justice Dept. asked for news site's visitor lists
Posted in News - Politics and Law by Declan McCullagh

November 9, 2009 9:10 PM PST
New Verizon ad pushes Droid's manly side
Posted in Technically Incorrect by Chris Matyszczyk

November 9, 2009 8:30 PM PST
2010 Tesla Roadster Sport first drive
Posted in The Car Tech blog by Wayne Cunningham

November 9, 2009 5:53 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Apple (3.66%) 7.12 201.46; Dow Jones Industrials (2.03%) 203.52 10,226.94; S&P 500 (2.22%) 23.78 1,093.08; NASDAQ (1.97%) 41.62 2,154.06; CNET TECH (2.03%) 31.22 1,569.62

Inside CNET News

Scroll Left Scroll Right

The Web Services Report
Microsoft releases SDK for Facebook
The software giant releases a software development kit for Facebook, allowing developers to make applications for the social-networking site with Silverlight and WPF.
Gallery
Images: Firefox through the ages
Technically Incorrect
In Apple parody, Florida says 'there's no app for this'
It seems that everyone is getting at Apple these days. A new ad campaign from the Florida Keys and Key West suggests there's no app for the wonderful experience of being there.
Beyond Binary
Microsoft releases Exchange 2010, acquires Teamprise
At TechEd Europe, Redmond offers the latest on its e-mail and calendar server. Meanwhile, it also scoops up a developer tool for creating code in multiple OSes.
Video
Exploratorium's shocking 40th anniversary kicks off
Technically Incorrect
New Verizon ad pushes Droid's manly side
In its latest spot, Verizon's Droid is declared to be a robotphone, while the iPhone resembles something that can only be for girls.
Video
A new workout for the Wii
Politics and Law
Justice Dept. asked for news site's visitor lists
Gag order instructed independent news site not to disclose subpoena demanding copies of "all IP traffic."
Cutting Edge
Winner declared in space elevator race
LaserMotive wins $900,000 in NASA's Space Elevator challenge, where teams compete to see who could drive their space elevator the fastest.
Gallery
Photos: Top-rated reviews of the week
Crave
Moxi cuts price on its DVR, adds step-up model with a triple tuner
Moxi lowers the price of its CableCard HD DVR, and introduces a new model that can record three shows simultaneously.
The Car Tech blog
2010 Tesla Roadster Sport first drive
CNET Car Tech spends time with the 2010 Tesla Roadster Sport.