Vulnerabilities > CVE-2005-2696 - Unspecified vulnerability in IBM Lotus Notes
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/54436/lotus.sh.txt |
id | PACKETSTORM:54436 |
last seen | 2016-12-05 |
published | 2007-02-14 |
reporter | Marco Ivaldi |
source | https://packetstormsecurity.com/files/54436/lotus.sh.txt.html |
title | lotus.sh.txt |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:13490 last seen 2017-11-19 modified 2007-02-13 published 2007-02-13 reporter Root source https://www.seebug.org/vuldb/ssvid-13490 title Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit bulletinFamily exploit description No description provided by source. id SSV:64478 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-64478 title Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit bulletinFamily exploit description No description provided by source. id SSV:6191 last seen 2017-11-19 modified 2007-02-14 published 2007-02-14 reporter Root source https://www.seebug.org/vuldb/ssvid-6191 title Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit