Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0430

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2004-0430
Last Modified 05 Sep 2008 04:38:25
Published 07 Jul 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0430

Summary

Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X Server 10.3.3


References

CERT-VN - VU#648406

XF - applefileserver-afp-pathname-bo(16049)

ATSTAKE - A050304-1

MISC - http://www.securiteam.com/securitynews/5QP0115CUO.html

SECTRACK - 1010039

SECUNIA - 11539

APPLE - APPLE-SA-2004-05-03


Last Updated: 27 May 2016 10:38:36