Vulnerabilities > CVE-2004-0927 - Multiple Security vulnerability in Apple Mac OS X

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

easy-software-products

apple

nessus

NVD

Published: 2005-01-27

Updated: 2008-09-05

Summary

ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.

Vulnerable Configurations

Part	Description	Count
Application	Easy_Software_Products Easy Software Products Cups 1.0.4 Easy Software Products Cups 1.0.4_8 Easy Software Products Cups 1.1.1 Easy Software Products Cups 1.1.4 Easy Software Products Cups 1.1.4_2 Easy Software Products Cups 1.1.4_3 Easy Software Products Cups 1.1.4_5 Easy Software Products Cups 1.1.6 Easy Software Products Cups 1.1.7 Easy Software Products Cups 1.1.10 Easy Software Products Cups 1.1.12 Easy Software Products Cups 1.1.13 Easy Software Products Cups 1.1.14 Easy Software Products Cups 1.1.15 Easy Software Products Cups 1.1.16 Easy Software Products Cups 1.1.17 Easy Software Products Cups 1.1.18 Easy Software Products Cups 1.1.19 Easy Software Products Cups 1.1.19_Rc5 Easy Software Products Cups 1.1.20 Easy Software Products Cups 1.1.21	21
OS	Apple Apple MAC OS X 10.2 Apple MAC OS X 10.2.1 Apple MAC OS X 10.2.2 Apple MAC OS X 10.2.3 Apple MAC OS X 10.2.4 Apple MAC OS X 10.2.5 Apple MAC OS X 10.2.6 Apple MAC OS X 10.2.7 Apple MAC OS X 10.2.8 Apple MAC OS X 10.3 Apple MAC OS X 10.3.1 Apple MAC OS X 10.3.2 Apple MAC OS X 10.3.3 Apple MAC OS X 10.3.4 Apple MAC OS X 10.3.5 Apple MAC OS X Server 10.2 Apple MAC OS X Server 10.2.1 Apple MAC OS X Server 10.2.2 Apple MAC OS X Server 10.2.3 Apple MAC OS X Server 10.2.4 Apple MAC OS X Server 10.2.5 Apple MAC OS X Server 10.2.6 Apple MAC OS X Server 10.2.7 Apple MAC OS X Server 10.2.8 Apple MAC OS X Server 10.3 Apple MAC OS X Server 10.3.1 Apple MAC OS X Server 10.3.2 Apple MAC OS X Server 10.3.3 Apple MAC OS X Server 10.3.4 Apple MAC OS X Server 10.3.5	30

Nessus

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_SECUPD20040930.NASL
description	The remote host is missing Security Update 2004-09-30. This security update contains a number of fixes for the following programs : - AFP Server - CUPS - NetInfoManager - postfix - QuickTime - ServerAdmin These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code.
last seen	2020-06-01
modified	2020-06-02
plugin id	15420
published	2004-10-04
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15420
title	Mac OS X Multiple Vulnerabilities (Security Update 2004-09-30)

Summary

Vulnerable Configurations

Nessus

References