Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

5 matches found

CVE•added 2004/11/23 5:0 a.m.•112 views

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

7.5CVSS7.1AI score0.02269EPSS

CVE•added 2004/11/23 5:0 a.m.•91 views

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5CVSS7.2AI score0.02796EPSS

CVE•added 2004/11/23 5:0 a.m.•88 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00721EPSS

CVE•added 2004/11/23 5:0 a.m.•46 views

CVE-2004-0743

Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.

5CVSS6.2AI score0.00405EPSS

CVE•added 2004/11/23 5:0 a.m.•43 views

CVE-2004-0744

The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.

5CVSS6.1AI score0.00911EPSS