Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2003-0174

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

Published

2003-05-12T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-346

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	sgi	irix	≤ 6.5.19	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P Broken Link, Patch, Vendor Advisory ([email protected])
http://www.ciac.org/ciac/bulletins/n-084.shtml Broken Link ([email protected])
http://www.securityfocus.com/bid/7442 Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/11860 Third Party Advisory, VDB Entry ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P Broken Link, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ciac.org/ciac/bulletins/n-084.shtml Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/7442 Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11860 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)