PT-2006-6509 · Ibm · Ibm Lotus Notes & Domino
Publicado
2006-11-10
·
Atualizado
2017-07-20
·
CVE-2006-5835
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Lotus Notes Domino versions prior to 6.5.5 FP2
IBM Lotus Notes Domino versions 7.x prior to 7.0.2
Description:
The issue concerns the Notes Remote Procedure Call (NRPC) protocol, which does not require authentication for user lookups. This allows remote attackers to obtain the user ID file.
Recommendations:
For versions prior to 6.5.5 FP2, update to 6.5.5 FP2 or later.
For versions 7.x prior to 7.0.2, update to 7.0.2 or later.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Ibm Lotus Notes & Domino