Vulnerability Details CVE-2006-0468
CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.204
EPSS Ranking 95.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/18640
- http://www.gleg.net/advisory_cg.shtml
- http://www.securityfocus.com/archive/1/423364/100/0/threaded
- http://www.securityfocus.com/bid/16407
- http://www.stalker.com/CommuniGatePro/History.html
- http://www.vupen.com/english/advisories/2006/0364
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24409
- http://secunia.com/advisories/18640
- http://www.gleg.net/advisory_cg.shtml
- http://www.securityfocus.com/archive/1/423364/100/0/threaded
- http://www.securityfocus.com/bid/16407
- http://www.stalker.com/CommuniGatePro/History.html
- http://www.vupen.com/english/advisories/2006/0364
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24409
Products affected by CVE-2006-0468
-
cpe:2.3:a:stalker:communigate_pro:5.0
-
cpe:2.3:a:stalker:communigate_pro:5.0.1
-
cpe:2.3:a:stalker:communigate_pro:5.0.2
-
cpe:2.3:a:stalker:communigate_pro:5.0.3
-
cpe:2.3:a:stalker:communigate_pro:5.0.4
-
cpe:2.3:a:stalker:communigate_pro:5.0.5
-
cpe:2.3:a:stalker:communigate_pro:5.0.6
-
cpe:2.3:a:stalker:communigate_pro:5.0c1
-
cpe:2.3:a:stalker:communigate_pro:5.0c2
-
cpe:2.3:a:stalker:communigate_pro:5.0c3
-
cpe:2.3:a:stalker:communigate_pro:5.0c4
-
cpe:2.3:a:stalker:communigate_pro:5.0c5
-
cpe:2.3:a:stalker:communigate_pro:5.0c6
-
cpe:2.3:a:stalker:communigate_pro:5.0c7