CVE-2003-0174 — CRITICAL severity vulnerability (The LDAP name service (nsd) in IRIX 6.5.19 and earlier does)
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.
| CVE ID | CVE-2003-0174 |
|---|---|
| Severity | CRITICAL |
| CVSS score | 9.8 |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CWE | CWE-346 |
| Status | Modified |
| Published | 2003-05-12 |
| Last modified | 2026-04-16 |
| Description | The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →