7.5

CVE-2004-0823

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenldapOpenldap Version1.0
OpenldapOpenldap Version1.0.1
OpenldapOpenldap Version1.0.2
OpenldapOpenldap Version1.0.3
OpenldapOpenldap Version1.1
OpenldapOpenldap Version1.1.1
OpenldapOpenldap Version1.1.2
OpenldapOpenldap Version1.1.3
OpenldapOpenldap Version1.1.4
OpenldapOpenldap Version1.2
OpenldapOpenldap Version1.2.1
OpenldapOpenldap Version1.2.2
OpenldapOpenldap Version1.2.3
OpenldapOpenldap Version1.2.4
OpenldapOpenldap Version1.2.5
OpenldapOpenldap Version1.2.6
OpenldapOpenldap Version1.2.7
OpenldapOpenldap Version1.2.8
OpenldapOpenldap Version1.2.9
OpenldapOpenldap Version1.2.10
OpenldapOpenldap Version1.2.11
OpenldapOpenldap Version1.2.12
OpenldapOpenldap Version1.2.13
OpenldapOpenldap Version2.0
OpenldapOpenldap Version2.0.1
OpenldapOpenldap Version2.0.2
OpenldapOpenldap Version2.0.3
OpenldapOpenldap Version2.0.4
OpenldapOpenldap Version2.0.5
OpenldapOpenldap Version2.0.6
OpenldapOpenldap Version2.0.7
OpenldapOpenldap Version2.0.8
OpenldapOpenldap Version2.0.9
OpenldapOpenldap Version2.0.10
OpenldapOpenldap Version2.0.11
OpenldapOpenldap Version2.0.11_9
OpenldapOpenldap Version2.0.11_11
OpenldapOpenldap Version2.0.11_11s
OpenldapOpenldap Version2.0.12
OpenldapOpenldap Version2.0.13
OpenldapOpenldap Version2.0.14
OpenldapOpenldap Version2.0.15
OpenldapOpenldap Version2.0.16
OpenldapOpenldap Version2.0.17
OpenldapOpenldap Version2.0.18
OpenldapOpenldap Version2.0.19
OpenldapOpenldap Version2.0.20
OpenldapOpenldap Version2.0.21
OpenldapOpenldap Version2.0.22
OpenldapOpenldap Version2.0.23
OpenldapOpenldap Version2.0.25
OpenldapOpenldap Version2.0.27
OpenldapOpenldap Version2.1.4
OpenldapOpenldap Version2.1.10
OpenldapOpenldap Version2.1.11
OpenldapOpenldap Version2.1.12
OpenldapOpenldap Version2.1.13
OpenldapOpenldap Version2.1.14
OpenldapOpenldap Version2.1.15
OpenldapOpenldap Version2.1.16
OpenldapOpenldap Version2.1.17
OpenldapOpenldap Version2.1.18
OpenldapOpenldap Version2.1.19
OpenldapOpenldap Version2.1_.20
ApplemacOS X Version10.2.8
ApplemacOS X Version10.3.4
ApplemacOS X Version10.3.5
ApplemacOS X Server Version10.2.8
ApplemacOS X Server Version10.3.4
ApplemacOS X Server Version10.3.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.74% 0.842
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21520
http://www.securityfocus.com/advisories/7148
Patch
Vendor Advisory
http://secunia.com/advisories/12491/
Patch
Vendor Advisory
http://secunia.com/advisories/17233
http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm
http://www.auscert.org.au/render.html?it=4363
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-751.html
http://www.securityfocus.com/bid/11137
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10703