Lucene search

[email protected]NVD:CVE-2006-5835

HistoryNov 10, 2006 - 1:07 a.m.

CVE-2006-5835

2006-11-1001:07:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.4%

JSON

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

Affected configurations

Nvd

Node

ibmlotus_notesMatch5.0.3

ibmlotus_notesMatch5.0.12

ibmlotus_notesMatch6.0

ibmlotus_notesMatch6.0.1

ibmlotus_notesMatch6.0.2

ibmlotus_notesMatch6.0.3

ibmlotus_notesMatch6.0.4

ibmlotus_notesMatch6.0.5

ibmlotus_notesMatch6.5

ibmlotus_notesMatch6.5.1

ibmlotus_notesMatch6.5.2

ibmlotus_notesMatch6.5.3

ibmlotus_notesMatch6.5.4

ibmlotus_notesMatch6.5.5

ibmlotus_notesMatch7.0

ibmlotus_notesMatch7.0.1

VendorProductVersionCPE
ibmlotus_notes5.0.3cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
ibmlotus_notes5.0.12cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*
ibmlotus_notes6.0cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
ibmlotus_notes6.0.1cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
ibmlotus_notes6.0.2cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
ibmlotus_notes6.0.3cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
ibmlotus_notes6.0.4cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
ibmlotus_notes6.0.5cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
ibmlotus_notes6.5cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
ibmlotus_notes6.5.1cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_notes	5.0.3	cpe:2.3:a:ibm:lotus_notes:5.0.3:::::::*
ibm	lotus_notes	5.0.12	cpe:2.3:a:ibm:lotus_notes:5.0.12:::::::*
ibm	lotus_notes	6.0	cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
ibm	lotus_notes	6.0.1	cpe:2.3:a:ibm:lotus_notes:6.0.1:::::::*
ibm	lotus_notes	6.0.2	cpe:2.3:a:ibm:lotus_notes:6.0.2:::::::*
ibm	lotus_notes	6.0.3	cpe:2.3:a:ibm:lotus_notes:6.0.3:::::::*
ibm	lotus_notes	6.0.4	cpe:2.3:a:ibm:lotus_notes:6.0.4:::::::*
ibm	lotus_notes	6.0.5	cpe:2.3:a:ibm:lotus_notes:6.0.5:::::::*
ibm	lotus_notes	6.5	cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
ibm	lotus_notes	6.5.1	cpe:2.3:a:ibm:lotus_notes:6.5.1:::::::*

Rows per page:

1-10 of 161

References

secunia.com/advisories/22741

securitytracker.com/id?1017203

www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026

www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf

www.securityfocus.com/bid/20960

www.vupen.com/english/advisories/2006/4411

exchange.xforce.ibmcloud.com/vulnerabilities/30118

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.4%

JSON

Related for NVD:CVE-2006-5835

d21 openvas2 cvelist1 cve1 nmap1