exploitDog

CVE-2003-0881

Опубликовано: 03 нояб. 2003

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

Ссылки

http://docs.info.apple.com/article.html?artnum=61798
Patch
Vendor Advisory
http://lists.apple.com/mhonarc/security-announce/msg00038.html
http://docs.info.apple.com/article.html?artnum=61798
Patch
Vendor Advisory
http://lists.apple.com/mhonarc/security-announce/msg00038.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия до 10.3 (включая)

EPSS

Процентиль: 73%

0.00785

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5v56-57g8-p27v

github

больше 3 лет назад

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

EPSS

Процентиль: 73%

0.00785

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other