CVSS: 4.6EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1089
https://notcve.org/view.php?id=CVE-2004-1089
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18351 •
CVSS: 2.1EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1087
https://notcve.org/view.php?id=CVE-2004-1087
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18355 •
CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 0CVE-2004-0921
https://notcve.org/view.php?id=CVE-2004-0921
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0CVE-2004-0922
https://notcve.org/view.php?id=CVE-2004-0922
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2004-0925
https://notcve.org/view.php?id=CVE-2004-0925
Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html •