Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0925

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0925
Last Modified 10 Sep 2008 03:28:16
Published 27 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0925

Summary

Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.3

  • Apple Mac Os X 10.3.1

  • Apple Mac Os X 10.3.2

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X 10.3.4

  • Apple Mac Os X 10.3.5

  • Apple Mac Os X Server 10.3

  • Apple Mac Os X Server 10.3.1

  • Apple Mac Os X Server 10.3.2

  • Apple Mac Os X Server 10.3.3

  • Apple Mac Os X Server 10.3.4

  • Apple Mac Os X Server 10.3.5


References

APPLE - APPLE-SA-2004-09-30


Last Updated: 27 May 2016 10:38:48