The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2002-07/0276.html - | |
References | () http://archives.neohapsis.com/archives/bugtraq/2002-07/0281.html - | |
References | () http://www.iss.net/security_center/static/9670.php - | |
References | () http://www.securityfocus.com/bid/5303 - |
Information
Published : 2002-12-31 05:00
Updated : 2024-11-20 23:43
NVD link : CVE-2002-2326
Mitre link : CVE-2002-2326
CVE.ORG link : CVE-2002-2326
JSON object : View
Products Affected
apple
- mac_os_x
CWE
CWE-310
Cryptographic Issues