Details of VAR-200501-0294

ID

VAR-200501-0294

CVE

CVE-2004-0927

TITLE

Apple MacOS ServerAdmin Default certificate vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200501-287

DESCRIPTION

ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. Multiple security vulnerabilities are reported in Mac OS X. A security update is available to address these issues and to provide other enhancements. The following issues are reported: Apple AFP server is reported prone to a remote denial of service vulnerability. A weak permissions vulnerability is reported to affect the AFP server. This may result in a false sense of security for an administrator. A vulnerability is reported to exist in the NetInfoManager utility. It is reported that the utility will, under certain circumstances, report the status of certain accounts as disabled when they are not. A heap-based buffer overrun is reported to exist in the QuickTime utility. An attacker may exploit this vulnerability to execute arbitrary instructions in the context of the user that is running the vulnerable software. Finally, ServerAdmin is reported prone to a weak default configuration vulnerability. This may result in ServerAdmin traffic being intercepted and decrypted by a remote attacker. This vulnerability has been split into BID 11344. Some of these issues may already be described in previous BIDs. This BID will be split up into unique BIDs when further analysis of this update is complete. This vulnerability allows attackers to decrypt all communications between ServerAdmin servers and clients. This facilitates the theft of authentication credentials by sniffing networks containing the affected application, and then utilizing the known private key in applications such as 'ssldump'. Once authentication credentials are stolen, attackers can then utilize ServerAdmin for full system compromise. Previous versions may also be affected

Trust: 1.53

sources: NVD: CVE-2004-0927 // BID: 11322 // BID: 11344 // VULHUB: VHN-9357

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.6	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.5	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.5	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.4	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.3	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.1	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.2	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.7	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.5	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.12	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.14	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.4_3	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.16	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.20	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.0.4_8	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.13	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.1	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.1	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.17	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.4_5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.4	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.3	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.5	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.4	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.18	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.2	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.6	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.10	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.7	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.21	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.2	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.4_2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.3	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.15	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.19	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.0.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.2	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.19_rc5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.8	Trust: 1.0
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.6
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	ne	version:	6.5.2	Trust: 0.3

sources: BID: 11322 // BID: 11344 // CNNVD: CNNVD-200501-287 // NVD: CVE-2004-0927

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0927
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200501-287
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9357
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-0927
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9357
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9357 // CNNVD: CNNVD-200501-287 // NVD: CVE-2004-0927

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0927

THREAT TYPE

network

Trust: 0.6

sources: BID: 11322 // BID: 11344

TYPE

Design Error

Trust: 0.9

sources: BID: 11344 // CNNVD: CNNVD-200501-287

EXTERNAL IDS

db:	NVD	id:	CVE-2004-0927	Trust: 2.3
db:	BID	id:	11322	Trust: 2.0
db:	CNNVD	id:	CNNVD-200501-287	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2004-09-30	Trust: 0.6
db:	BID	id:	11344	Trust: 0.4
db:	VULHUB	id:	VHN-9357	Trust: 0.1

sources: VULHUB: VHN-9357 // BID: 11322 // BID: 11344 // CNNVD: CNNVD-200501-287 // NVD: CVE-2004-0927

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2004/oct/msg00000.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/11322	Trust: 1.7
url:	http://www.info.apple.com/usen/security/security_updates.html	Trust: 0.3

sources: VULHUB: VHN-9357 // BID: 11344 // CNNVD: CNNVD-200501-287 // NVD: CVE-2004-0927

CREDITS

Michael Bartosh mbartosh@mac.com

Trust: 0.6

sources: CNNVD: CNNVD-200501-287

SOURCES

db:	VULHUB	id:	VHN-9357
db:	BID	id:	11322
db:	BID	id:	11344
db:	CNNVD	id:	CNNVD-200501-287
db:	NVD	id:	CVE-2004-0927

LAST UPDATE DATE

2024-08-14T12:17:32.863000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9357	date:	2008-09-05T00:00:00
db:	BID	id:	11322	date:	2009-07-12T07:06:00
db:	BID	id:	11344	date:	2009-07-12T07:06:00
db:	CNNVD	id:	CNNVD-200501-287	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-0927	date:	2008-09-05T20:39:49.123

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9357	date:	2005-01-27T00:00:00
db:	BID	id:	11322	date:	2004-10-04T00:00:00
db:	BID	id:	11344	date:	2004-10-06T00:00:00
db:	CNNVD	id:	CNNVD-200501-287	date:	2004-10-04T00:00:00
db:	NVD	id:	CVE-2004-0927	date:	2005-01-27T05:00:00