CVE-2003-0881

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://docs.info.apple.com/article.html?artnum=61798 - Patch, Vendor Advisory () http://docs.info.apple.com/article.html?artnum=61798 - Patch, Vendor Advisory
References () http://lists.apple.com/mhonarc/security-announce/msg00038.html - () http://lists.apple.com/mhonarc/security-announce/msg00038.html -

Information

Published : 2003-11-03 05:00

Updated : 2024-11-20 23:45


NVD link : CVE-2003-0881

Mitre link : CVE-2003-0881

CVE.ORG link : CVE-2003-0881


JSON object : View

Products Affected

apple

  • mac_os_x