Cleartext Transmission of iDisk Authentication Credentials in Mail.app

Cleartext Transmission of iDisk Authentication Credentials in Mail.app

CVE-2002-2326 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.

Learn more about our Network Penetration Testing.