Vulnerabilities > CVE-2004-0925 - Unspecified vulnerability in Apple mac OS X and mac OS X Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.
Vulnerable Configurations
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_SECUPD20040930.NASL |
description | The remote host is missing Security Update 2004-09-30. This security update contains a number of fixes for the following programs : - AFP Server - CUPS - NetInfoManager - postfix - QuickTime - ServerAdmin These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15420 |
published | 2004-10-04 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15420 |
title | Mac OS X Multiple Vulnerabilities (Security Update 2004-09-30) |