CVE-2003-0174

Severity

75%

Complexity

99%

Confidentiality

106%

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 21 years ago

2003-05-12 04:00:00

Last updated 7 years ago

2017-07-11 01:29:00

Affected Software

SGI IRIX 6.5

6.5

SGI IRIX 6.5.1

6.5.1

SGI IRIX 6.5.2

6.5.2

SGI IRIX 6.5.2f

6.5.2f

SGI IRIX 6.5.2m

6.5.2m

SGI IRIX 6.5.3

6.5.3

SGI IRIX 6.5.3f

6.5.3f

SGI IRIX 6.5.3m

6.5.3m

SGI IRIX 6.5.4

6.5.4

SGI IRIX 6.5.4f

6.5.4f

SGI IRIX 6.5.4m

6.5.4m

SGI IRIX 6.5.5

6.5.5

SGI IRIX 6.5.5f

6.5.5f

SGI IRIX 6.5.5m

6.5.5m

SGI IRIX 6.5.6

6.5.6

SGI IRIX 6.5.6f

6.5.6f

SGI IRIX 6.5.6m

6.5.6m

SGI IRIX 6.5.7

6.5.7

SGI IRIX 6.5.7f

6.5.7f

SGI IRIX 6.5.7m

6.5.7m

SGI IRIX 6.5.8

6.5.8

SGI IRIX 6.5.8f

6.5.8f

SGI IRIX 6.5.8m

6.5.8m

SGI IRIX 6.5.9

6.5.9

SGI IRIX 6.5.9f

6.5.9f

SGI IRIX 6.5.9m

6.5.9m

SGI IRIX 6.5.10

6.5.10

SGI IRIX 6.5.10f

6.5.10f

SGI IRIX 6.5.10m

6.5.10m

SGI IRIX 6.5.11

6.5.11

SGI IRIX 6.5.11f

6.5.11f

SGI IRIX 6.5.11m

6.5.11m

SGI IRIX 6.5.12

6.5.12

SGI IRIX 6.5.12f

6.5.12f

SGI IRIX 6.5.12m

6.5.12m

SGI IRIX 6.5.13

6.5.13

SGI IRIX 6.5.13f

6.5.13f

SGI IRIX 6.5.13m

6.5.13m

SGI IRIX 6.5.14

6.5.14

SGI IRIX 6.5.14f

6.5.14f

SGI IRIX 6.5.14m

6.5.14m

SGI IRIX 6.5.15

6.5.15

SGI IRIX 6.5.15f

6.5.15f

SGI IRIX 6.5.15m

6.5.15m

SGI IRIX 6.5.16

6.5.16

SGI IRIX 6.5.16f

6.5.16f

SGI IRIX 6.5.16m

6.5.16m

SGI IRIX 6.5.17

6.5.17

SGI IRIX 6.5.17f

6.5.17f

SGI IRIX 6.5.17m

6.5.17m

SGI IRIX 6.5.18

6.5.18

SGI IRIX 6.5.18f

6.5.18f

SGI IRIX 6.5.18m

6.5.18m

SGI IRIX 6.5.19

6.5.19

SGI IRIX 6.5.19f

6.5.19f

SGI IRIX 6.5.19m

6.5.19m

References

20030407-01-P

Patch, Vendor Advisory

N-084

7442

Patch, Vendor Advisory

irix-ldap-authentication-bypass(11860)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.