Lucene search

[email protected]CVE-2007-4566

HistoryAug 28, 2007 - 1:17 a.m.

CVE-2007-4566

2007-08-2801:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4566

buffer overflow

sidvault

alpha centauri software

sidvault ldap server

remote code execution

ldap packets

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.273 Low

EPSS

Percentile

96.8%

JSON

Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.

Affected configurations

NVD

Node

alpha_centauri_softwaresidvault_ldap_serverRange≤2.0e

CPENameOperatorVersion
alpha_centauri_software:sidvault_ldap_serveralpha centauri software sidvault ldap serverle2.0e

CPE	Name	Operator	Version
alpha_centauri_software:sidvault_ldap_server	alpha centauri software sidvault ldap server	le	2.0e

References

lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html

secunia.com/advisories/26613

securityreason.com/securityalert/3061

www.securityfocus.com/archive/1/477821/100/0/threaded

www.securityfocus.com/bid/25460

www.securitytracker.com/id?1018612

www.vupen.com/english/advisories/2007/2976

exchange.xforce.ibmcloud.com/vulnerabilities/36272

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.273 Low

EPSS

Percentile

96.8%

JSON

Related for CVE-2007-4566

cvelist1 openvas1 prion1 nvd1 nessus1