Back to search
CVE-2005-1505
Published: May 11, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
mailapp-account-wizard-plaintext-password(20670)
vdb-entry
x_refsource_XF
20050504 Mac OS 10.4: new-account-wizzard in Mail 2.0 sends clear-text passwords
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now