1. CVE-Search
  2. CVE-2006-0468
ID CVE-2006-0468
Summary CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.
References
Vulnerable Configurations
  • cpe:2.3:a:stalker:communigate_pro:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c1:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c1:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c2:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c2:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c3:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c3:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c4:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c4:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c5:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c5:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c6:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c6:*:*:*:*:*:*:*
  • cpe:2.3:a:stalker:communigate_pro:5.0c7:*:*:*:*:*:*:*
    cpe:2.3:a:stalker:communigate_pro:5.0c7:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-10-2018 - 15:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 16407
bugtraq 20060128 Multiple vulnerabilities in CommuniGate Pro Server
confirm http://www.stalker.com/CommuniGatePro/History.html
misc http://www.gleg.net/advisory_cg.shtml
secunia 18640
vupen ADV-2006-0364
xf communigate-ldap-bo(24409)
Last major update 19-10-2018 - 15:44
Published 30-01-2006 - 18:03
Last modified 19-10-2018 - 15:44
Back to Top