ID CVE-2004-1084
Summary Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
References
Vulnerable Configurations
  • Apple Darwin Streaming Server4.1.3
    cpe:2.3:a:apple:darwin_streaming_server:4.1.3
  • Apple Darwin Streaming Server 5.0.1
    cpe:2.3:a:apple:darwin_streaming_server:5.0.1
  • Apple Quicktime Streaming Server 4.1.1
    cpe:2.3:a:apple:quicktime_streaming_server:4.1.1
  • Apple Mac OS X 10.2
    cpe:2.3:o:apple:mac_os_x:10.2
  • Apple Mac OS X 10.2.1
    cpe:2.3:o:apple:mac_os_x:10.2.1
  • Apple Mac OS X 10.2.2
    cpe:2.3:o:apple:mac_os_x:10.2.2
  • Apple Mac OS X 10.2.3
    cpe:2.3:o:apple:mac_os_x:10.2.3
  • Apple Mac OS X 10.2.4
    cpe:2.3:o:apple:mac_os_x:10.2.4
  • Apple Mac OS X 10.2.5
    cpe:2.3:o:apple:mac_os_x:10.2.5
  • Apple Mac OS X 10.2.6
    cpe:2.3:o:apple:mac_os_x:10.2.6
  • Apple Mac OS X 10.2.7
    cpe:2.3:o:apple:mac_os_x:10.2.7
  • Apple Mac OS X 10.2.8
    cpe:2.3:o:apple:mac_os_x:10.2.8
  • Apple Mac OS X 10.3
    cpe:2.3:o:apple:mac_os_x:10.3
  • Apple Mac OS X 10.3.1
    cpe:2.3:o:apple:mac_os_x:10.3.1
  • Apple Mac OS X 10.3.2
    cpe:2.3:o:apple:mac_os_x:10.3.2
  • Apple Mac OS X 10.3.3
    cpe:2.3:o:apple:mac_os_x:10.3.3
  • Apple Mac OS X 10.3.4
    cpe:2.3:o:apple:mac_os_x:10.3.4
  • Apple Mac OS X 10.3.5
    cpe:2.3:o:apple:mac_os_x:10.3.5
  • Apple Mac OS X 10.3.6
    cpe:2.3:o:apple:mac_os_x:10.3.6
  • Apple Mac OS X Server 10.2
    cpe:2.3:o:apple:mac_os_x_server:10.2
  • Apple Mac OS X Server 10.2.1
    cpe:2.3:o:apple:mac_os_x_server:10.2.1
  • Apple Mac OS X Server 10.2.2
    cpe:2.3:o:apple:mac_os_x_server:10.2.2
  • Apple Mac OS X Server 10.2.3
    cpe:2.3:o:apple:mac_os_x_server:10.2.3
  • Apple Mac OS X Server 10.2.4
    cpe:2.3:o:apple:mac_os_x_server:10.2.4
  • Apple Mac OS X Server 10.2.5
    cpe:2.3:o:apple:mac_os_x_server:10.2.5
  • Apple Mac OS X Server 10.2.6
    cpe:2.3:o:apple:mac_os_x_server:10.2.6
  • Apple Mac OS X Server 10.2.7
    cpe:2.3:o:apple:mac_os_x_server:10.2.7
  • Apple Mac OS X Server 10.2.8
    cpe:2.3:o:apple:mac_os_x_server:10.2.8
  • Apple Mac OS X Server 10.3
    cpe:2.3:o:apple:mac_os_x_server:10.3
  • Apple Mac OS X Server 10.3.1
    cpe:2.3:o:apple:mac_os_x_server:10.3.1
  • Apple Mac OS X Server 10.3.2
    cpe:2.3:o:apple:mac_os_x_server:10.3.2
  • Apple Mac OS X Server 10.3.3
    cpe:2.3:o:apple:mac_os_x_server:10.3.3
  • Apple Mac OS X Server 10.3.4
    cpe:2.3:o:apple:mac_os_x_server:10.3.4
  • Apple Mac OS X Server 10.3.5
    cpe:2.3:o:apple:mac_os_x_server:10.3.5
  • Apple Mac OS X Server 10.3.6
    cpe:2.3:o:apple:mac_os_x_server:10.3.6
CVSS
Base: 5.0 (as of 17-06-2005 - 17:51)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Web Servers
    NASL id HFS_FORK_SOURCE.NASL
    description The remote host seems to be running Mac OS X or Mac OS X Server. There is a flaw in the remote web server that allows an attacker to obtain the source code of any given file on the remote web server by reading it through its data fork directly. An attacker may exploit this flaw to obtain the source code of remote scripts.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 15927
    published 2004-12-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15927
    title Apache on Mac OS X HFS+ Arbitrary File Source Disclosure
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-007.NASL
    description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow - Mail - MySQL - OpenSSL - QuartzComposerScreenSaver - ping - Safari - SecurityInterface - servermgrd - servermgr_ipfilter - SquirelMail - traceroute - WebKit - WebLog Server - X11 - zlib
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 19463
    published 2005-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19463
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD20041202.NASL
    description The remote host is missing Security Update 2004-12-02. This security update contains a number of fixes for the following programs : - Apache - Apache2 - AppKit - Cyrus IMAP - HIToolbox - Kerberos - Postfix - PSNormalizer - QuickTime Streaming Server - Safari - Terminal These programs contain multiple vulnerabilities that could allow a remote attacker to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 15898
    published 2004-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15898
    title Mac OS X Multiple Vulnerabilities (Security Update 2004-12-02)
refmap via4
apple
  • APPLE-SA-2004-12-02
  • APPLE-SA-2005-08-15
  • APPLE-SA-2005-08-17
bid 11802
ciac P-049
secunia 13362
xf apache-hfs-obtain-info(18349)
Last major update 10-09-2008 - 15:28
Published 02-12-2004 - 00:00
Last modified 10-07-2017 - 21:30
Back to Top