Vulnerability Details CVE-2007-4566
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.544
EPSS Ranking 97.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html
- http://secunia.com/advisories/26613
- http://securityreason.com/securityalert/3061
- http://www.securityfocus.com/archive/1/477821/100/0/threaded
- http://www.securityfocus.com/bid/25460
- http://www.securitytracker.com/id?1018612
- http://www.vupen.com/english/advisories/2007/2976
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36272
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html
- http://secunia.com/advisories/26613
- http://securityreason.com/securityalert/3061
- http://www.securityfocus.com/archive/1/477821/100/0/threaded
- http://www.securityfocus.com/bid/25460
- http://www.securitytracker.com/id?1018612
- http://www.vupen.com/english/advisories/2007/2976
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36272
Products affected by CVE-2007-4566
-
cpe:2.3:a:alpha_centauri_software:sidvault_ldap_server:*