CVE-2003-0378 Information

Description

The Kerberos login authentication feature in Mac OS X when used with an LDAPv3 server and LDAP bind authentication may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set.

Reference

http://docs.info.apple.com/article.html?artnum=107579 http://www.kb.cert.org/vuls/id/467828