CVE-2003-0174 Information

Description

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server which could allow attackers to log in without a password.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P http://www.ciac.org/ciac/bulletins/n-084.shtml http://www.securityfocus.com/bid/7442 https://exchange.xforce.ibmcloud.com/vulnerabilities/11860