CVE-2015-1150
The Firewall component in Apple OS X Server before 4.1 uses an incorrect pathname in configuration files, which allows remote attackers to bypass network-access restrictions by sending packets for which custom-rule blocking was intended.
Date published : 2015-04-28
http://lists.apple.com/archives/security-announce/2015/Apr/msg00006.html