AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/11322 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:14:16
Updated: 2022-10-03T16:14:16
Reserved: 2022-10-03T00:00:00
Link: CVE-2004-0922
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-01-27T05:00:00.000
Modified: 2008-09-05T20:39:47.857
Link: CVE-2004-0922
JSON object: View
Redhat Information
No data.
CWE