Cleartext Transmission of iDisk Authentication Credentials in Mail.app
CVE-2002-2326 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
Learn more about our Network Penetration Testing.