Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenLDAP CRYPT密码验证漏洞
Vulnerability Description
Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。 OpenLDAP在进行验证CRYPT密码时存在问题,远程攻击者可以利用这个漏洞使用其他用户的CRYPT值作为密码登录。 OpenLDAP存在一个漏洞,影响Apple's Mac OS X及其他操作系统。攻击者使用目标用户密码的CRYPT值就能以目标用户权限登录。Apple报告CRYPT密码可以明文密码作为userPassword特定。根据报告,部分验证机制可使用CRYPT值作为明文密码。
CVSS Information
N/A
Vulnerability Type
N/A