← CVECheck
HomeVulnerabilities

CVE-2003-0881 — HIGH severity vulnerability (Mail in Mac OS X before 10.3, when configured to use MD5 Cha)

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

CVE IDCVE-2003-0881
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2003-11-03
Last modified2026-04-16
DescriptionMail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →