25 matches found
CVE-2006-5835
The Notes Remote Procedure Call NRPC protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file...
CVE-2006-5835
IBM Lotus Notes Domino NRPC allows unauthenticated user lookups, enabling remote attackers to obtain user ID files. Affected: Domino before 6.5.5 FP2 and 7.x before 7.0.2. Impact: potential disclosure of user IDs. Remediation: upgrade to 6.5.5 FP2+ or 7.0.2+. OpenVAS/NT-based tooling references i...
IBM Lotus Notes NRPC协议信息泄露漏洞
Lotus Domino/Notes服务器是一款基于WEB协同工作的应用程序架构,运行在Linux/Unix和Microsoft Windows操作系统平台下。 IBM Lotus Domino中运行在1352端口上的Notes远程过程调用(NRPC)协议在使用未经认证的名称查询事件时存在漏洞,允许攻击者列出有效的用户名和下载已有用户的用户ID文件。但下载后攻击者必须使用暴力猜测口令才能使用这些用户ID。 IBM Lotus Domino 7.0 IBM Lotus Domino 6.5 IBM Lotus Domino 6.0 IBM Lotus Domino 5.0...
CVE-2005-1441
The vulnerability is a format string issue in Lotus Domino Server NRPC (Notes protocol) that allows remote denial of service. Affected products: Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4. Root cause: incorrect handling of format strings in NRPC processing. Impact: remote DoS as descr...
Lotus Domino Server Web Service NRPC Authentication Format String DoS
Binary data 2870.prm...