Vulnerability Name:

CVE-2004-0823 (CCN-17300)

Assigned:2004-09-07
Published:2004-09-07
Updated:2017-10-11
Summary:OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2004-0823

Source: CCN
Type: RHSA-2005-751
openldap and nss_ldap security update

Source: CCN
Type: SA12491
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
12491

Source: SECUNIA
Type: UNKNOWN
17233

Source: CCN
Type: SA21520
Avaya Products Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
21520

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm

Source: CCN
Type: ASA-2006-157
openldap and nss_ldap security update

Source: AUSCERT
Type: Patch, Vendor Advisory
ESB-2004.0559

Source: CCN
Type: CIAC Information Bulletin O-212
Apple Security Update

Source: REDHAT
Type: UNKNOWN
RHSA-2005:751

Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2004-09-07

Source: BID
Type: Patch, Vendor Advisory
11137

Source: CCN
Type: BID-11137
OpenLDAP Ambiguous Password Attribute Weakness

Source: XF
Type: UNKNOWN
openldap-crypt-gain-access(17300)

Source: XF
Type: UNKNOWN
openldap-crypt-gain-access(17300)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10703

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openldap:openldap:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:1.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.11_9:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.11_11:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.11_11s:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:openldap:openldap:2.1_.20:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openldap:openldap:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:10703
    V
    		OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.
    2013-04-29
    oval:com.redhat.rhsa:def:20050751
    P
    		RHSA-2005:751: openldap and nss_ldap security update (Moderate)
    2005-10-17
    BACK
    openldap openldap 1.0
    openldap openldap 1.0.1
    openldap openldap 1.0.2
    openldap openldap 1.0.3
    openldap openldap 1.1
    openldap openldap 1.1.1
    openldap openldap 1.1.2
    openldap openldap 1.1.3
    openldap openldap 1.1.4
    openldap openldap 1.2
    openldap openldap 1.2.1
    openldap openldap 1.2.2
    openldap openldap 1.2.3
    openldap openldap 1.2.4
    openldap openldap 1.2.5
    openldap openldap 1.2.6
    openldap openldap 1.2.7
    openldap openldap 1.2.8
    openldap openldap 1.2.9
    openldap openldap 1.2.10
    openldap openldap 1.2.11
    openldap openldap 1.2.12
    openldap openldap 1.2.13
    openldap openldap 2.0
    openldap openldap 2.0.1
    openldap openldap 2.0.2
    openldap openldap 2.0.3
    openldap openldap 2.0.4
    openldap openldap 2.0.5
    openldap openldap 2.0.6
    openldap openldap 2.0.7
    openldap openldap 2.0.8
    openldap openldap 2.0.9
    openldap openldap 2.0.10
    openldap openldap 2.0.11
    openldap openldap 2.0.11_9
    openldap openldap 2.0.11_11
    openldap openldap 2.0.11_11s
    openldap openldap 2.0.12
    openldap openldap 2.0.13
    openldap openldap 2.0.14
    openldap openldap 2.0.15
    openldap openldap 2.0.16
    openldap openldap 2.0.17
    openldap openldap 2.0.18
    openldap openldap 2.0.19
    openldap openldap 2.0.20
    openldap openldap 2.0.21
    openldap openldap 2.0.22
    openldap openldap 2.0.23
    openldap openldap 2.0.25
    openldap openldap 2.0.27
    openldap openldap 2.1.4
    openldap openldap 2.1.10
    openldap openldap 2.1.11
    openldap openldap 2.1.12
    openldap openldap 2.1.13
    openldap openldap 2.1.14
    openldap openldap 2.1.15
    openldap openldap 2.1.16
    openldap openldap 2.1.17
    openldap openldap 2.1.18
    openldap openldap 2.1.19
    openldap openldap 2.1_.20
    apple mac os x 10.2.8
    apple mac os x 10.3.4
    apple mac os x 10.3.5
    apple mac os x server 10.2.8
    apple mac os x server 10.3.4
    apple mac os x server 10.3.5
    openldap openldap *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    apple mac os x 10.3.5
    redhat linux advanced workstation 2.1
    apple mac os x 10.3.4
    apple mac os x server 10.3.4
    apple mac os x server 10.3.5