CVSS: 4.6EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1089
https://notcve.org/view.php?id=CVE-2004-1089
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18351 •
CVSS: 7.5EPSS: 1%CPEs: 35EXPL: 0CVE-2004-1088
https://notcve.org/view.php?id=CVE-2004-1088
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18353 •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2004-0169
https://notcve.org/view.php?id=CVE-2004-0169
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. QuickTime Streaming Server en MacOS X 10.2.8 y 10.3.2 permite a atacantes remotos causar una denegación de servicio (caída) mediante peticiones DESCRIBE con campos de User-Agent muy grandes, lo que causa que se dispare un "error de Aserción" en la función BufferIsFull • http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html http://www.idefense.com/application/poi/display?id=75&type=vulnerabilities http://www.kb.cert.org/vuls/id/460350 http://www.osvdb.org/6826 http://www.osvdb.org/6837 http://www.securityfocus.com/bid/9735 https://exchange.xforce.ibmcloud.com/vulnerabilities/15291 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2003-1413
https://notcve.org/view.php?id=CVE-2003-1413
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. • http://securityreason.com/securityalert/3260 http://www.securityfocus.com/archive/1/313517 http://www.securityfocus.com/bid/6992 https://exchange.xforce.ibmcloud.com/vulnerabilities/11445 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2003-1414 – Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure
https://notcve.org/view.php?id=CVE-2003-1414
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. • https://www.exploit-db.com/exploits/22312 http://securityreason.com/securityalert/3260 http://www.securityfocus.com/archive/1/313517 http://www.securityfocus.com/bid/6990 https://exchange.xforce.ibmcloud.com/vulnerabilities/11446 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •