CVE-2004-1083

Name of the Vulnerable Software and Affected Versions: Apache for Apple Mac OS X versions 10.2.8 and 10.3.6

Description: The issue arises from the difference in how Apache and the Apple HFS+ filesystem handle file access in terms of case sensitivity. Apache restricts access to files in a case-sensitive manner, while the HFS+ filesystem accesses files in a case-insensitive manner. This discrepancy allows remote attackers to read specific files, such as .DS Store files and files beginning with ".ht", by utilizing alternate capitalization.

Recommendations: For Apache on Apple Mac OS X 10.2.8, consider restricting access to sensitive files through configuration changes to mitigate the risk of unauthorized access. For Apache on Apple Mac OS X 10.3.6, restrict access to sensitive files through configuration changes to minimize the risk of exploitation.