CVE-2004-1088

3 documents3 sources

Severity

7.5HIGH

EPSS

1.3%

top 20.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server Apple MAC OS X Apple MAC OS X Server +1 more

Timeline

PublishedDec 2

Latest updateApr 29

Description

Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶NVDapple/mac_os_x_server16 versions+15

▶NVDapple/darwin_streaming_server4.1.3, 5.0.1+1

▶NVDapple/quicktime_streaming_server4.1.1

▶NVDapple/mac_os_x16 versions+15

Patches

Patch: lists.apple.com ↗Patch: secunia.com ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-859h-3x66-595c: Postfix server for Apple Mac OS X 10↗2022-04-29

▶

CVEList

CVE-2004-1088: Postfix server for Apple Mac OS X 10↗2005-04-14

▶