CVE-2004-1083
HIGHApache for Apple Mac OS X 10.2.8-10.3.6 - Info Disclosure
Title source: llmDescription
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
References (7)
Core 7
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11802
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/13362/
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
Mailing List, Patch vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18348
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
Broken Link, Patch, Vendor Advisory third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/p-049.shtml
Scores
CVSS v3
7.5
EPSS
0.0188
EPSS Percentile
76.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-178
Status
published
Products (35)
apple/darwin_streaming_server
4.1.3
apple/darwin_streaming_server
5.0.1
apple/mac_os_x
10.2
apple/mac_os_x
10.2.1
apple/mac_os_x
10.2.2
apple/mac_os_x
10.2.3
apple/mac_os_x
10.2.4
apple/mac_os_x
10.2.5
apple/mac_os_x
10.2.6
apple/mac_os_x
10.2.7
... and 25 more
Published
Dec 03, 2004
Tracked Since
Feb 18, 2026