CVE Vulnerabilities

CVE-2004-0922

Published: Jan 27, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.

Affected Software

Name Vendor Start Version End Version
Quicktime Apple 5.0.2 (including) 5.0.2 (including)
Quicktime Apple 6.0 (including) 6.0 (including)
Quicktime Apple 6.1 (including) 6.1 (including)
Quicktime Apple 6.5 (including) 6.5 (including)
Quicktime Apple 6.5.1 (including) 6.5.1 (including)

References