Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0174

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0174
Last Modified 05 Sep 2008 04:33:40
Published 12 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0174

Summary

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

Vulnerable Systems

Operating System

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.10f

  • Sgi Irix 6.5.10m

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.11f

  • Sgi Irix 6.5.11m

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.12f

  • Sgi Irix 6.5.12m

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.13f

  • Sgi Irix 6.5.13m

  • Sgi Irix 6.5.14

  • Sgi Irix 6.5.14f

  • Sgi Irix 6.5.14m

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.15f

  • Sgi Irix 6.5.15m

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.16f

  • Sgi Irix 6.5.16m

  • Sgi Irix 6.5.17

  • Sgi Irix 6.5.17f

  • Sgi Irix 6.5.17m

  • Sgi Irix 6.5.18

  • Sgi Irix 6.5.18f

  • Sgi Irix 6.5.18m

  • Sgi Irix 6.5.19

  • Sgi Irix 6.5.19f

  • Sgi Irix 6.5.19m

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.2f

  • Sgi Irix 6.5.2m

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.3f

  • Sgi Irix 6.5.3m

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.4f

  • Sgi Irix 6.5.4m

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.5f

  • Sgi Irix 6.5.5m

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.6f

  • Sgi Irix 6.5.6m

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.7f

  • Sgi Irix 6.5.7m

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.8f

  • Sgi Irix 6.5.8m

  • Sgi Irix 6.5.9

  • Sgi Irix 6.5.9f

  • Sgi Irix 6.5.9m


References

BID - 7442

SGI - 20030407-01-P

XF - irix-ldap-authentication-bypass(11860)

CIAC - N-084


Last Updated: 27 May 2016 10:37:48