Skip to content
Saturday, December 6, 2025
High Published: Sep 07, 2004 Modified: Apr 03, 2025

CVE-2004-0823

7.5 CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Share:

Description

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a openldap openldap 1.0 * * * * * * *
  • a openldap openldap 1.0.1 * * * * * * *
  • a openldap openldap 1.0.2 * * * * * * *
  • a openldap openldap 1.0.3 * * * * * * *
  • a openldap openldap 1.1 * * * * * * *
  • a openldap openldap 1.1.1 * * * * * * *
  • a openldap openldap 1.1.2 * * * * * * *
  • a openldap openldap 1.1.3 * * * * * * *
  • a openldap openldap 1.1.4 * * * * * * *
  • a openldap openldap 1.2 * * * * * * *

Weaknesses (CWE)

  • NVD-CWE-Other

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker