Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2007-1675

Published: 28/03/2007 Updated: 29/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Lotus Domino

Vulnerability Summary

Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino prior to 6.5.6 and 7.x prior to 7.0.2 FP1 allows remote malicious users to cause a denial of service via a long username.

Vulnerable Product Search on Vulmon Subscribe to Product

ibm lotus domino 6.5.0

ibm lotus domino 6.5.1

ibm lotus domino 6.5.5

ibm lotus domino 7.0

ibm lotus domino 6.5.4

ibm lotus domino 6.5.2

ibm lotus domino 6.5.3

ibm lotus domino 7.0.1

ibm lotus domino 7.0.2

Exploits

Exploit DB: IBM Lotus Domino Server 6.5 - Remote Overflow
#!/usr/bin/python # # IBM Lotus Domino Server 65 PRE AUTH Remote Exploit # Tested on windows 2003 server SP0 # Coded by Mati Aharoni # muts@offensive-securitycom # wwwoffensive-securitycom # Notes: # * Not the the faint of heart # * Iris, I love you # Skeleton exploit shamelessly ripped off Winny Thomas # # bt ~ # /domino 19216803 ...
Exploit DB: IBM Lotus Domino Server 6.5 - 'Username' Remote Denial of Service
#!/usr/bin/python # # Remote DOS exploit code for IBM Lotus Domino Server 65 Tested on windows # 2000 server SP4 The code crashes the IMAP server Since this is a simple DOS # where 256+ (but no more than 270) bytes for the username crashes the service # this is likely to work on other windows platform aswell Maybe someone can carry this furthe ...
Exploit DB: Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow
########################################################################################### # Lotus Domino IMAP4 Server Release 654 / Windows 2000 Advanced Server x86 Remote Exploit ########################################################################################### # Vulnerable: IBM Lotus Domino <= 702 && 655 FP2 (tested 6 ...

References

NVD-CWE-Otherhttp://www.zerodayinitiative.com/advisories/ZDI-07-011.htmlhttp://www-1.ibm.com/support/docview.wss?uid=swg21257028http://www.securityfocus.com/bid/23173http://secunia.com/advisories/24633http://www.securityfocus.com/bid/23172http://www.securitytracker.com/id?1017823http://www.vupen.com/english/advisories/2007/1133https://exchange.xforce.ibmcloud.com/vulnerabilities/33276https://nvd.nist.govhttps://www.exploit-db.com/exploits/3616/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook