CVSS: 7.8EPSS: 27%CPEs: 3EXPL: 1CVE-2007-1739
https://notcve.org/view.php?id=CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation. Desbordamiento de búfer basado en pila en el servidor LDAP en IBM Lotus Domino versiones anteriores a 6.5.6 y 7.x versiones anteriores a 7.0.2 FP1 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una petición DN larga y malformada, que provoca que solamente los 16bits menos significativos de la longitud de la cadena se usen para alojamiento de memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494 http://secunia.com/advisories/24633 http://www-1.ibm.com/support/docview.wss?uid=swg21257248 http://www.kb.cert.org/vuls/id/927988 http://www.securityfocus.com/bid/23173 http://www.securityfocus.com/bid/23174 http://www.securitytracker.com/id?1017825 http://www.vupen.com/english/advisories/2007/1133 https://exchange.xforce.ibmcloud.com/vulnerabilities/33278 •
CVSS: 10.0EPSS: 92%CPEs: 13EXPL: 3CVE-2007-1675 – IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-1675
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username. Desbordamiento de búfer en el mecanismo de autenticación CRAM-MD5 del servidor IMAP (nimap.exe) de IBM Lotus Domino anterior a 6.5.6 y 7.x anterior a 7.0.2 FP1 permite a atacantes remotos provocar una denegación de servicio mediante un nombre de usuario largo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the CRAM-MD5 authentication mechanism of nimap.exe which binds by default to TCP port 143. No check is done on the length on the supplied username prior to processing it through a custom copy loop. • https://www.exploit-db.com/exploits/3602 https://www.exploit-db.com/exploits/3616 https://www.exploit-db.com/exploits/4207 http://secunia.com/advisories/24633 http://www-1.ibm.com/support/docview.wss?uid=swg21257028 http://www.securityfocus.com/bid/23172 http://www.securityfocus.com/bid/23173 http://www.securitytracker.com/id?1017823 http://www.vupen.com/english/advisories/2007/1133 http://www.zerodayinitiative.com/advisories/ZDI-07-011.html https://exchange.xforce.ibm •