Lucene search

[email protected]CVE-2004-1088

HistoryDec 02, 2004 - 5:00 a.m.

CVE-2004-1088

2004-12-0205:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

postfix

apple

mac os x

cram-md5

authentication

mail server

vulnerability

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

JSON

Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.

CPENameOperatorVersion
apple:quicktime_streaming_serverapple quicktime streaming servereq4.1.1
apple:darwin_streaming_serverapple darwin streaming servereq5.0.1
apple:darwin_streaming_serverapple darwin streaming servereq4.1.3
apple:mac_os_x_serverapple mac os x servereq10.3.2
apple:mac_os_xapple mac os xeq10.2.5
apple:mac_os_x_serverapple mac os x servereq10.2.2
apple:mac_os_xapple mac os xeq10.2.7
apple:mac_os_xapple mac os xeq10.2.8
apple:mac_os_x_serverapple mac os x servereq10.2.4
apple:mac_os_xapple mac os xeq10.2.1

CPE	Name	Operator	Version
apple:quicktime_streaming_server	apple quicktime streaming server	eq	4.1.1
apple:darwin_streaming_server	apple darwin streaming server	eq	5.0.1
apple:darwin_streaming_server	apple darwin streaming server	eq	4.1.3
apple:mac_os_x_server	apple mac os x server	eq	10.3.2
apple:mac_os_x	apple mac os x	eq	10.2.5
apple:mac_os_x_server	apple mac os x server	eq	10.2.2
apple:mac_os_x	apple mac os x	eq	10.2.7
apple:mac_os_x	apple mac os x	eq	10.2.8
apple:mac_os_x_server	apple mac os x server	eq	10.2.4
apple:mac_os_x	apple mac os x	eq	10.2.1

Rows per page:

1-10 of 351

References

lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

secunia.com/advisories/13362/

www.ciac.org/ciac/bulletins/p-049.shtml

www.securityfocus.com/bid/11802

exchange.xforce.ibmcloud.com/vulnerabilities/18353

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for CVE-2004-1088

nessus2