CVE-2004-0921
https://notcve.org/view.php?id=CVE-2004-0921
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVE-2004-0922
https://notcve.org/view.php?id=CVE-2004-0922
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVE-2004-0925
https://notcve.org/view.php?id=CVE-2004-0925
Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html •
CVE-2004-0924
https://notcve.org/view.php?id=CVE-2004-0924
NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVE-2004-0926
https://notcve.org/view.php?id=CVE-2004-0926
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://lists.apple.com/archives/security-announce/2004/Oct/msg00001.html http://www.securityfocus.com/bid/11322 •