Lucene search

[email protected]CVE-2006-5835

HistoryNov 10, 2006 - 1:07 a.m.

CVE-2006-5835

2006-11-1001:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ibm

lotus notes

domino

nrpc

protocol

vulnerability

authentication

user id file

cve-2006-5835

9.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

79.2%

JSON

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

CPENameOperatorVersion
ibm:lotus_notesibm lotus noteseq6.5.2
ibm:lotus_notesibm lotus noteseq6.0
ibm:lotus_notesibm lotus noteseq6.0.1
ibm:lotus_notesibm lotus noteseq5.0.3
ibm:lotus_notesibm lotus noteseq5.0.12
ibm:lotus_notesibm lotus noteseq6.0.2
ibm:lotus_notesibm lotus noteseq7.0
ibm:lotus_notesibm lotus noteseq6.0.4
ibm:lotus_notesibm lotus noteseq6.5.4
ibm:lotus_notesibm lotus noteseq6.5.1

CPE	Name	Operator	Version
ibm:lotus_notes	ibm lotus notes	eq	6.5.2
ibm:lotus_notes	ibm lotus notes	eq	6.0
ibm:lotus_notes	ibm lotus notes	eq	6.0.1
ibm:lotus_notes	ibm lotus notes	eq	5.0.3
ibm:lotus_notes	ibm lotus notes	eq	5.0.12
ibm:lotus_notes	ibm lotus notes	eq	6.0.2
ibm:lotus_notes	ibm lotus notes	eq	7.0
ibm:lotus_notes	ibm lotus notes	eq	6.0.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.1

Rows per page:

1-10 of 161

References

secunia.com/advisories/22741

securitytracker.com/id?1017203

www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026

www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf

www.securityfocus.com/bid/20960

www.vupen.com/english/advisories/2006/4411

exchange.xforce.ibmcloud.com/vulnerabilities/30118

9.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

79.2%

JSON

Related for CVE-2006-5835

openvas2 d21 nmap1