ID CVE-2005-2745
Summary Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information.
References
Vulnerable Configurations
  • Apple Mac OS X 10.3.9
    cpe:2.3:o:apple:mac_os_x:10.3.9
  • Apple Mac OS X Server 10.3.9
    cpe:2.3:o:apple:mac_os_x_server:10.3.9
CVSS
Base: 5.0 (as of 26-10-2005 - 10:15)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-008.NASL
    description The remote host is running Apple Mac OS X, but lacks Security Update 2005-008. This security update contains fixes for the following applications : - ImageIO - LibSystem - Mail - QuickDraw - Ruby - SecurityAgent - securityd
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 19773
    published 2005-09-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19773
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-008)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-007.NASL
    description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow - Mail - MySQL - OpenSSL - QuartzComposerScreenSaver - ping - Safari - SecurityInterface - servermgrd - servermgr_ipfilter - SquirelMail - traceroute - WebKit - WebLog Server - X11 - zlib
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 19463
    published 2005-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19463
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
refmap via4
apple APPLE-SA-2005-09-22
auscert ESB-2005.0732
ciac P-312
secunia 16920
Last major update 05-09-2008 - 16:52
Published 25-10-2005 - 20:02
Back to Top