Lucene search

[email protected]CVE-2004-1089

HistoryApr 14, 2005 - 4:00 a.m.

CVE-2004-1089

2005-04-1404:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1089

vulnerability

mac os x

10.3.6

kerberos authentication

cyrus imap

mailbox access

8.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users.

Affected configurations

NVD

Node

appledarwin_streaming_serverMatch4.1.3

appledarwin_streaming_serverMatch5.0.1

applequicktime_streaming_serverMatch4.1.1

Node

applemac_os_xMatch10.2

applemac_os_xMatch10.2.1

applemac_os_xMatch10.2.2

applemac_os_xMatch10.2.3

applemac_os_xMatch10.2.4

applemac_os_xMatch10.2.5

applemac_os_xMatch10.2.6

applemac_os_xMatch10.2.7

applemac_os_xMatch10.2.8

applemac_os_xMatch10.3

applemac_os_xMatch10.3.1

applemac_os_xMatch10.3.2

applemac_os_xMatch10.3.3

applemac_os_xMatch10.3.4

applemac_os_xMatch10.3.5

applemac_os_xMatch10.3.6

applemac_os_x_serverMatch10.2

applemac_os_x_serverMatch10.2.1

applemac_os_x_serverMatch10.2.2

applemac_os_x_serverMatch10.2.3

applemac_os_x_serverMatch10.2.4

applemac_os_x_serverMatch10.2.5

applemac_os_x_serverMatch10.2.6

applemac_os_x_serverMatch10.2.7

applemac_os_x_serverMatch10.2.8

applemac_os_x_serverMatch10.3

applemac_os_x_serverMatch10.3.1

applemac_os_x_serverMatch10.3.2

applemac_os_x_serverMatch10.3.3

applemac_os_x_serverMatch10.3.4

applemac_os_x_serverMatch10.3.5

applemac_os_x_serverMatch10.3.6

CPENameOperatorVersion
apple:darwin_streaming_serverapple darwin streaming servereq4.1.3
apple:darwin_streaming_serverapple darwin streaming servereq5.0.1
apple:quicktime_streaming_serverapple quicktime streaming servereq4.1.1

CPE	Name	Operator	Version
apple:darwin_streaming_server	apple darwin streaming server	eq	4.1.3
apple:darwin_streaming_server	apple darwin streaming server	eq	5.0.1
apple:quicktime_streaming_server	apple quicktime streaming server	eq	4.1.1

References

lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

secunia.com/advisories/13362/

www.ciac.org/ciac/bulletins/p-049.shtml

www.securityfocus.com/bid/11802

exchange.xforce.ibmcloud.com/vulnerabilities/18351

8.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2004-1089

cvelist1 nvd1 nessus2