CVE-2006-5835
First published: Fri Nov 10 2006(Updated: )
The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Notes | =6.5.2 | |
| IBM Lotus Notes | =6.0 | |
| IBM Lotus Notes | =6.0.1 | |
| IBM Lotus Notes | =5.0.3 | |
| IBM Lotus Notes | =5.0.12 | |
| IBM Lotus Notes | =6.0.2 | |
| IBM Lotus Notes | =7.0 | |
| IBM Lotus Notes | =6.0.4 | |
| IBM Lotus Notes | =6.5.4 | |
| IBM Lotus Notes | =6.5.1 | |
| IBM Lotus Notes | =6.0.5 | |
| IBM Lotus Notes | =6.5 | |
| IBM Lotus Notes | =7.0.1 | |
| IBM Lotus Notes | =6.5.3 | |
| IBM Lotus Notes | =6.0.3 | |
| IBM Lotus Notes | =6.5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf
- http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026
- http://www.securityfocus.com/bid/20960
- http://secunia.com/advisories/22741
- http://securitytracker.com/id?1017203
- http://www.vupen.com/english/advisories/2006/4411
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30118
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm lotus notes
- version/ibm lotus notes/6.5.2
- version/ibm lotus notes/6.0
- version/ibm lotus notes/6.0.1
- version/ibm lotus notes/5.0.3
- version/ibm lotus notes/5.0.12
- version/ibm lotus notes/6.0.2
- version/ibm lotus notes/7.0
- version/ibm lotus notes/6.0.4
- version/ibm lotus notes/6.5.4
- version/ibm lotus notes/6.5.1
- version/ibm lotus notes/6.0.5
- version/ibm lotus notes/6.5
- version/ibm lotus notes/7.0.1
- version/ibm lotus notes/6.5.3
- version/ibm lotus notes/6.0.3
- version/ibm lotus notes/6.5.5