Vulnerability Name:

CVE-2006-5835 (CCN-30118)

Assigned:2006-11-08
Published:2006-11-08
Updated:2017-07-20
Summary:The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Full-Disclosure Mailing List, Thu Nov 08 2007 - 06:58:57 CST
Lotus Notes pre-login User.ID key leak

Source: MITRE
Type: CNA
CVE-2006-5835

Source: CCN
Type: SA22741
IBM Lotus Domino NRPC Information Disclosure

Source: SECUNIA
Type: Patch, Vendor Advisory
22741

Source: CCN
Type: SECTRACK ID: 1017203
IBM Lotus Notes Lets Remote Users Determine Valid Usernames and Obtain User.ID Keyfiles

Source: SECTRACK
Type: UNKNOWN
1017203

Source: CONFIRM
Type: Patch
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026

Source: CCN
Type: IBM Technote (FAQ) 1248026
IBM Lotus Notes information leakage on port 1352

Source: CCN
Type: IBM Software Web site
IBM Lotus Notes

Source: CCN
Type: Fortconsult Security Advisory
Lotus Notes Port 1352 Pre-login Information Leakage

Source: MISC
Type: Exploit, Vendor Advisory
http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf

Source: CCN
Type: OSVDB ID: 30255
IBM Lotus Domino Notes Remote Procedure Call (NRPC) User Name/ID Enumeration

Source: BID
Type: UNKNOWN
20960

Source: CCN
Type: BID-20960
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-4411

Source: XF
Type: UNKNOWN
lotusnotes-nrpc-information-disclosure(30118)

Source: XF
Type: UNKNOWN
lotusnotes-nrpc-information-disclosure(30118)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm lotus notes 5.0.3
    ibm lotus notes 5.0.12
    ibm lotus notes 6.0
    ibm lotus notes 6.0.1
    ibm lotus notes 6.0.2
    ibm lotus notes 6.0.3
    ibm lotus notes 6.0.4
    ibm lotus notes 6.0.5
    ibm lotus notes 6.5
    ibm lotus notes 6.5.1
    ibm lotus notes 6.5.2
    ibm lotus notes 6.5.3
    ibm lotus notes 6.5.4
    ibm lotus notes 6.5.5
    ibm lotus notes 7.0
    ibm lotus notes 7.0.1
    ibm lotus notes 6.0.1
    ibm lotus notes 6.0.2
    ibm lotus notes 6.0.3
    ibm lotus notes 6.5
    ibm lotus notes 6.0
    ibm lotus notes 6.5.3
    ibm lotus notes 6.5.2
    ibm lotus notes 6.5.1
    ibm lotus notes 6.0.4
    ibm lotus notes 7.0
    ibm lotus notes 6.0.5
    ibm lotus notes 6.5.4
    ibm lotus notes 7.0.1
    ibm lotus notes 6.5.5
    ibm lotus notes 5.0.12
    ibm lotus notes 5.0.3