CVE-2004-0823 in OpenLDAPinfo

Summary

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

08/27/2004

Disclosure

09/07/2004

Moderation

VulDB entry created

Entries

VDB-22200 (1)

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

7.3

EPSS

0.00506

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0823
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0823
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0823/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!