Lucene search

[email protected]CVE-2003-0426

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0426

2003-08-2704:00:00

[email protected]

web.nvd.nist.gov

apple quicktime

darwin streaming server

installation

remote attackers

administrator password

privileges

vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.9%

JSON

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a “Setup Assistant” page that allows remote attackers to set the administrator password and gain privileges before the real administrator.

Affected configurations

NVD

Node

appledarwin_streaming_serverMatch4.1.3

CPENameOperatorVersion
apple:darwin_streaming_serverapple darwin streaming servereq4.1.3

CPE	Name	Operator	Version
apple:darwin_streaming_server	apple darwin streaming server	eq	4.1.3

References

archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html

www.rapid7.com/advisories/R7-0015.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.9%

JSON

Related for CVE-2003-0426

cvelist1 nvd1 securityvulns1