PT-2004-1885 · Openldap+1 · Openldap+1

Published 2004-09-07 · Updated 2017-10-11 · CVE-2004-0823

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: OpenLDAP versions 1.0 through 2.1.19

Description: Certain authentication schemes treat hashed (crypt) passwords stored in the userPassword attribute as if they were plaintext passwords. This enables remote attackers to re-use hashed passwords without decrypting them.

Recommendations: For OpenLDAP versions 1.0 through 2.1.19, update to a version in which this issue is resolved. The available data does not identify the specific fixed version.

Related Identifiers

CVE-2004-0823
RHSA-2005:751
RHSA-2005_751

Affected Products

Openldap
Red Hat