CVE-2004-1088

CVE Database · CVE-2004-1088

CVE-2004-1088

· N/AModified

CVSS v3.1

N/A

EPSS

1.65%

Published

Dec 2, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.

Affected Products (35)

apple · darwin_streaming_servervulnerable

apple · quicktime_streaming_servervulnerable

apple · mac_os_xvulnerable

References (10)

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

PatchVendor Advisory

http://secunia.com/advisories/13362/

PatchVendor Advisory

http://www.ciac.org/ciac/bulletins/p-049.shtml

PatchVendor Advisory

http://www.securityfocus.com/bid/11802

https://exchange.xforce.ibmcloud.com/vulnerabilities/18353

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

PatchVendor Advisory

http://secunia.com/advisories/13362/

KEV Catalog EPSS Scores Vendors All CVEs