CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2003-0174

CVSS 9.8v3.1pub. 2003-05-12upd. 2026-04-16

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sgi Irix

    OS
    Sgi
    ≤ 6.5.19
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2001-0248CRITICAL9.8ten sam produkt

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a l...

CVE-2001-0249CRITICAL9.8ten sam produkt

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a l...

CVE-2010-1039HIGH10.0ten sam produkt

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2...

CVE-2007-4938HIGH7.6ten sam produkt

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to ...

CVE-2005-2925HIGH7.2ten sam produkt

runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shel...