CVE-2005-0715

2005-03-2105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0715

mac os x

afp server

insecure permissions

drop boxes

unauthorized access

6.2 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

AFP Server in Mac OS X before 10.3.8 uses insecure permissions for “Drop Boxes,” which allows local users to read the contents of a Drop Box.

CPENameOperatorVersion
apple:mac_os_x_serverapple mac os x servereq10.3.2
apple:mac_os_x_serverapple mac os x servereq10.3.7
apple:mac_os_x_serverapple mac os x servereq10.3.5
apple:mac_os_xapple mac os xeq10.3.1
apple:mac_os_xapple mac os xeq10.3.5
apple:mac_os_x_serverapple mac os x servereq10.3.3
apple:mac_os_x_serverapple mac os x servereq10.3.4
apple:mac_os_xapple mac os xeq10.3.2
apple:mac_os_xapple mac os xeq10.3.7
apple:mac_os_xapple mac os xeq10.3.6

CPE	Name	Operator	Version
apple:mac_os_x_server	apple mac os x server	eq	10.3.2
apple:mac_os_x_server	apple mac os x server	eq	10.3.7
apple:mac_os_x_server	apple mac os x server	eq	10.3.5
apple:mac_os_x	apple mac os x	eq	10.3.1
apple:mac_os_x	apple mac os x	eq	10.3.5
apple:mac_os_x_server	apple mac os x server	eq	10.3.3
apple:mac_os_x_server	apple mac os x server	eq	10.3.4
apple:mac_os_x	apple mac os x	eq	10.3.2
apple:mac_os_x	apple mac os x	eq	10.3.7
apple:mac_os_x	apple mac os x	eq	10.3.6