Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0823
HistoryApr 14, 2005 - 4:00 a.m.

CVE-2004-0823

2005-04-1404:00:00
[email protected]
web.nvd.nist.gov
28
openldap
apple mac os
cve-2004-0823
authentication
crypt password

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.5%

JSON

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.

Affected configurations

NVD
Node
openldapopenldapMatch1.0
OR
openldapopenldapMatch1.0.1
OR
openldapopenldapMatch1.0.2
OR
openldapopenldapMatch1.0.3
OR
openldapopenldapMatch1.1
OR
openldapopenldapMatch1.1.1
OR
openldapopenldapMatch1.1.2
OR
openldapopenldapMatch1.1.3
OR
openldapopenldapMatch1.1.4
OR
openldapopenldapMatch1.2
OR
openldapopenldapMatch1.2.1
OR
openldapopenldapMatch1.2.2
OR
openldapopenldapMatch1.2.3
OR
openldapopenldapMatch1.2.4
OR
openldapopenldapMatch1.2.5
OR
openldapopenldapMatch1.2.6
OR
openldapopenldapMatch1.2.7
OR
openldapopenldapMatch1.2.8
OR
openldapopenldapMatch1.2.9
OR
openldapopenldapMatch1.2.10
OR
openldapopenldapMatch1.2.11
OR
openldapopenldapMatch1.2.12
OR
openldapopenldapMatch1.2.13
OR
openldapopenldapMatch2.0
OR
openldapopenldapMatch2.0.1
OR
openldapopenldapMatch2.0.2
OR
openldapopenldapMatch2.0.3
OR
openldapopenldapMatch2.0.4
OR
openldapopenldapMatch2.0.5
OR
openldapopenldapMatch2.0.6
OR
openldapopenldapMatch2.0.7
OR
openldapopenldapMatch2.0.8
OR
openldapopenldapMatch2.0.9
OR
openldapopenldapMatch2.0.10
OR
openldapopenldapMatch2.0.11
OR
openldapopenldapMatch2.0.11_9
OR
openldapopenldapMatch2.0.11_11
OR
openldapopenldapMatch2.0.11_11s
OR
openldapopenldapMatch2.0.12
OR
openldapopenldapMatch2.0.13
OR
openldapopenldapMatch2.0.14
OR
openldapopenldapMatch2.0.15
OR
openldapopenldapMatch2.0.16
OR
openldapopenldapMatch2.0.17
OR
openldapopenldapMatch2.0.18
OR
openldapopenldapMatch2.0.19
OR
openldapopenldapMatch2.0.20
OR
openldapopenldapMatch2.0.21
OR
openldapopenldapMatch2.0.22
OR
openldapopenldapMatch2.0.23
OR
openldapopenldapMatch2.0.25
OR
openldapopenldapMatch2.0.27
OR
openldapopenldapMatch2.1.4
OR
openldapopenldapMatch2.1.10
OR
openldapopenldapMatch2.1.11
OR
openldapopenldapMatch2.1.12
OR
openldapopenldapMatch2.1.13
OR
openldapopenldapMatch2.1.14
OR
openldapopenldapMatch2.1.15
OR
openldapopenldapMatch2.1.16
OR
openldapopenldapMatch2.1.17
OR
openldapopenldapMatch2.1.18
OR
openldapopenldapMatch2.1.19
OR
openldapopenldapMatch2.1_.20
Node
applemac_os_xMatch10.2.8
OR
applemac_os_xMatch10.3.4
OR
applemac_os_xMatch10.3.5
OR
applemac_os_x_serverMatch10.2.8
OR
applemac_os_x_serverMatch10.3.4
OR
applemac_os_x_serverMatch10.3.5

Related

nvd 1
cvelist 1
centos 3
redhat 1
nessus 3
nvd
nvd
CVE-2004-0823
2004-09-07 04:00:00
cvelist
cvelist
CVE-2004-0823
2005-04-14 04:00:00
centos
centos
nss_ldap, openldap security update
2005-10-18 04:23:45
xloadimage security update
2005-10-18 16:28:19
nss_ldap, openldap security update
2005-10-17 10:35:43
redhat
redhat
(RHSA-2005:751) openldap and nss_ldap security update
2005-10-17 00:00:00
nessus
nessus
CentOS 3 : openldap / nss_ldap (CESA-2005:751)
2006-07-03 00:00:00
RHEL 2.1 / 3 : openldap and nss_ldap (RHSA-2005:751)
2005-10-19 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)
2004-09-08 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.5%

JSON
Related for CVE-2004-0823
nvd1cvelist1centos3redhat1nessus3