Dailydave mailing list archives
Re: [Fwd: [Full-disclosure] iDEFENSE Security Advisory 02.10.06: IBM Lotus Domino Server LDAP DoS Vulnerability]
From: "Evgeny Legerov" <admin () gleg net>
Date: Sat, 11 Feb 2006 11:34:34 +0300
Hi, I think it is not, the advisory states: """The problem specifically exists within the LDAP server "nldap.exe." When sending a specially crafted bind request with a long string to the LDAP
""" But my BIND request was very short ;-)Btw, I did not test Windows version of Lotus Domino, so the testing with ProtoVer LDAP may reveal some interesting bugs which does not present in Linux versions.
Dave Aitel <dave () immunityinc com> wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is this the same as one of Evgeny's bugs? - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)Comment: Using GnuPG with Fedora - http://enigmail.mozdev.orgiD8DBQFD7QRyB8JNm+PA+iURAjF+AKCaFkPwbn4OYBYzLzZFzxRz4hnRvQCgzsBj 0mRgJjKsnOtTZZgbbQcW9pM= =iucP -----END PGP SIGNATURE-----
Best regards, Evgeny Legerov CEO, GLEG Ltd.
Current thread:
- [Fwd: [Full-disclosure] iDEFENSE Security Advisory 02.10.06: IBM Lotus Domino Server LDAP DoS Vulnerability] Dave Aitel (Feb 10)
- Re: [Fwd: [Full-disclosure] iDEFENSE Security Advisory 02.10.06: IBM Lotus Domino Server LDAP DoS Vulnerability] Evgeny Legerov (Feb 11)