File Reading Vulnerability in Apache for Mac OS X by Apple
CVE-2004-1084

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime Streaming Server; Darwin Streaming Server
Vendor: CVE Published:; 2 December 2004

Summary

A vulnerability exists in Apache for Apple Mac OS X versions 10.2.8 and 10.3.6, which allows remote attackers to exploit HTTP requests directed at specific special file names. This vulnerability permits the reading of files and the extraction of resource fork content through bypassing control mechanisms within Apache. As a result, sensitive information might be exposed across the network, making it critical for users and administrators to apply security updates and monitor their system configurations.

References

http://www.securityfocus.com/bid/11802

vdb-entryx_refsource_BID

http://secunia.com/advisories/13362/

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/18349

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 2, 2004
Vulnerability Reserved
Nov 30, 2004