Lucene search

K
nvd[email protected]NVD:CVE-2006-6493
HistoryDec 13, 2006 - 12:28 a.m.

CVE-2006-6493

2006-12-1300:28:00
web.nvd.nist.gov
8
buffer overflow
openldap
ldap_auth_krbv41
remote attackers
kerberos

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.118

Percentile

95.4%

Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data.

Affected configurations

Nvd
Node
openldapopenldapRange2.4.3
OR
openldapopenldapMatch1.0
OR
openldapopenldapMatch1.0.1
OR
openldapopenldapMatch1.0.2
OR
openldapopenldapMatch1.0.3
OR
openldapopenldapMatch1.1
OR
openldapopenldapMatch1.1.0
OR
openldapopenldapMatch1.1.1
OR
openldapopenldapMatch1.1.2
OR
openldapopenldapMatch1.1.3
OR
openldapopenldapMatch1.1.4
OR
openldapopenldapMatch1.2
OR
openldapopenldapMatch1.2.0
OR
openldapopenldapMatch1.2.1
OR
openldapopenldapMatch1.2.2
OR
openldapopenldapMatch1.2.3
OR
openldapopenldapMatch1.2.4
OR
openldapopenldapMatch1.2.5
OR
openldapopenldapMatch1.2.6
OR
openldapopenldapMatch1.2.7
OR
openldapopenldapMatch1.2.8
OR
openldapopenldapMatch1.2.9
OR
openldapopenldapMatch1.2.10
OR
openldapopenldapMatch1.2.11
OR
openldapopenldapMatch1.2.12
OR
openldapopenldapMatch1.2.13
OR
openldapopenldapMatch2.0
OR
openldapopenldapMatch2.0.0
OR
openldapopenldapMatch2.0.1
OR
openldapopenldapMatch2.0.2
OR
openldapopenldapMatch2.0.3
OR
openldapopenldapMatch2.0.4
OR
openldapopenldapMatch2.0.5
OR
openldapopenldapMatch2.0.6
OR
openldapopenldapMatch2.0.7
OR
openldapopenldapMatch2.0.8
OR
openldapopenldapMatch2.0.9
OR
openldapopenldapMatch2.0.10
OR
openldapopenldapMatch2.0.11
OR
openldapopenldapMatch2.0.11_9
OR
openldapopenldapMatch2.0.11_11
OR
openldapopenldapMatch2.0.11_11s
OR
openldapopenldapMatch2.0.12
OR
openldapopenldapMatch2.0.13
OR
openldapopenldapMatch2.0.14
OR
openldapopenldapMatch2.0.15
OR
openldapopenldapMatch2.0.16
OR
openldapopenldapMatch2.0.17
OR
openldapopenldapMatch2.0.18
OR
openldapopenldapMatch2.0.19
OR
openldapopenldapMatch2.0.20
OR
openldapopenldapMatch2.0.21
OR
openldapopenldapMatch2.0.22
OR
openldapopenldapMatch2.0.23
OR
openldapopenldapMatch2.0.24
OR
openldapopenldapMatch2.0.25
OR
openldapopenldapMatch2.0.26
OR
openldapopenldapMatch2.0.27
OR
openldapopenldapMatch2.1.2
OR
openldapopenldapMatch2.1.3
OR
openldapopenldapMatch2.1.4
OR
openldapopenldapMatch2.1.5
OR
openldapopenldapMatch2.1.6
OR
openldapopenldapMatch2.1.7
OR
openldapopenldapMatch2.1.8
OR
openldapopenldapMatch2.1.9
OR
openldapopenldapMatch2.1.10
OR
openldapopenldapMatch2.1.11
OR
openldapopenldapMatch2.1.12
OR
openldapopenldapMatch2.1.13
OR
openldapopenldapMatch2.1.14
OR
openldapopenldapMatch2.1.15
OR
openldapopenldapMatch2.1.16
OR
openldapopenldapMatch2.1.17
OR
openldapopenldapMatch2.1.18
OR
openldapopenldapMatch2.1.19
OR
openldapopenldapMatch2.1.20
OR
openldapopenldapMatch2.1.21
OR
openldapopenldapMatch2.1.22
OR
openldapopenldapMatch2.1.23
OR
openldapopenldapMatch2.1.24
OR
openldapopenldapMatch2.1.25
OR
openldapopenldapMatch2.1.26
OR
openldapopenldapMatch2.1.27
OR
openldapopenldapMatch2.1.28
OR
openldapopenldapMatch2.1.29
OR
openldapopenldapMatch2.1.30
OR
openldapopenldapMatch2.1_.20
OR
openldapopenldapMatch2.2.0
OR
openldapopenldapMatch2.2.1
OR
openldapopenldapMatch2.2.4
OR
openldapopenldapMatch2.2.5
OR
openldapopenldapMatch2.2.6
OR
openldapopenldapMatch2.2.7
OR
openldapopenldapMatch2.2.8
OR
openldapopenldapMatch2.2.9
OR
openldapopenldapMatch2.2.10
OR
openldapopenldapMatch2.2.11
OR
openldapopenldapMatch2.2.12
OR
openldapopenldapMatch2.2.13
OR
openldapopenldapMatch2.2.14
OR
openldapopenldapMatch2.2.15
OR
openldapopenldapMatch2.2.16
OR
openldapopenldapMatch2.2.17
OR
openldapopenldapMatch2.2.18
OR
openldapopenldapMatch2.2.19
OR
openldapopenldapMatch2.2.20
OR
openldapopenldapMatch2.2.21
OR
openldapopenldapMatch2.2.22
OR
openldapopenldapMatch2.2.23
OR
openldapopenldapMatch2.2.24
OR
openldapopenldapMatch2.2.25
OR
openldapopenldapMatch2.2.26
OR
openldapopenldapMatch2.2.27
OR
openldapopenldapMatch2.2.28_r2
OR
openldapopenldapMatch2.3.27_2_2006-10-18
OR
openldapopenldapMatch2.3.28_2_2006-10-22
OR
openldapopenldapMatch2.3.28_2006-10-22
OR
openldapopenldapMatch2.3.28_e1.0.0
VendorProductVersionCPE
openldapopenldap*cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*
openldapopenldap1.0cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*
openldapopenldap1.0.1cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*
openldapopenldap1.0.2cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*
openldapopenldap1.0.3cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*
openldapopenldap1.1cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*
openldapopenldap1.1.0cpe:2.3:a:openldap:openldap:1.1.0:*:*:*:*:*:*:*
openldapopenldap1.1.1cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*
openldapopenldap1.1.2cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*
openldapopenldap1.1.3cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 1191

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.118

Percentile

95.4%