Sign-up

ID

VAR-200612-0411


CVE

CVE-2006-6713


TITLE

Hitachi Directory Server LDAP Request Multiple Security Vulnerabilities

Trust: 1.2

sources: CNVD: CNVD-2006-9290 // CNNVD: CNNVD-200612-489

DESCRIPTION

Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests. Hitachi Directory Server is a directory server launched by Hitachi. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Hitachi Directory Server LDAP Multiple Vulnerabilities SECUNIA ADVISORY ID: SA23421 VERIFY ADVISORY: http://secunia.com/advisories/23421/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From local network SOFTWARE: Hitachi Directory Server 2.x http://secunia.com/product/4505/ DESCRIPTION: Some vulnerabilities have been reported in Hitachi Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerabilities are reported in version 2. Prior versions may also be affected. SOLUTION: Update to version 02-11-/K (Windows) or 02-10-/V (HP-UX). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS06-018_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2006-6713 // JVNDB: JVNDB-2006-002634 // CNVD: CNVD-2006-9290 // BID: 21692 // PACKETSTORM: 53146

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-9290

AFFECTED PRODUCTS

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_11_h

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_10_s

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_11

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_10_q

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_11_f

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_10

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_01

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_10_p

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_11_g

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_2444_a124_02_00

Trust: 1.6

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_01

Trust: 1.0

vendor:hitachimodel:directory server 2scope:eqversion:p_1b44_a121_02_00

Trust: 1.0

vendor:hitachimodel:directory server 2scope:ltversion:02-11-/k

Trust: 0.8

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:hitachimodel:directory server version p-2444-a124 02-11-/hscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124 02-11-/gscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124 02-11-/fscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124scope:eqversion:202-11

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124scope:eqversion:202-01

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124scope:eqversion:202-00

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121 02-10-/sscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121 02-10-/qscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121 02-10-/pscope:eqversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121scope:eqversion:202-10

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121scope:eqversion:202-01

Trust: 0.3

vendor:hitachimodel:directory server version p-1b44-a121scope:eqversion:202-00

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a124 02-11-/kscope:neversion:2

Trust: 0.3

vendor:hitachimodel:directory server version p-2444-a121scope:neversion:202-10-/v

Trust: 0.3

sources: CNVD: CNVD-2006-9290 // BID: 21692 // JVNDB: JVNDB-2006-002634 // CNNVD: CNNVD-200612-489 // NVD: CVE-2006-6713

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-6713
value: HIGH

Trust: 1.0

NVD: CVE-2006-6713
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200612-489
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2006-6713
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2006-002634 // CNNVD: CNNVD-200612-489 // NVD: CVE-2006-6713

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6713

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200612-489

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200612-489

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-002634

PATCH
title:HS06-018url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/pdf/HS06-018.pdf
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-002634

EXTERNAL IDS
db:NVDid:CVE-2006-6713
Trust: 3.3
db:HITACHIid:HS06-018
Trust: 2.0
db:BIDid:21692
Trust: 1.9
db:SECUNIAid:23421
Trust: 1.8
db:VUPENid:ADV-2006-5098
Trust: 1.6
db:JVNDBid:JVNDB-2006-002634
Trust: 0.8
db:CNVDid:CNVD-2006-9290
Trust: 0.6
db:CNNVDid:CNNVD-200612-489
Trust: 0.6
db:PACKETSTORMid:53146
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2006-9290 // 
            
            
            
            BID: 21692 // 
            
            
            
            JVNDB: JVNDB-2006-002634 // 
            
            
            
            PACKETSTORM: 53146 // 
            
            
            
            CNNVD: CNNVD-200612-489 // 
            
            
            
            NVD: CVE-2006-6713

REFERENCES
url:http://www.securityfocus.com/bid/21692
Trust: 1.6
url:http://secunia.com/advisories/23421
Trust: 1.6
url:http://www.hitachi-support.com/security_e/vuls_e/hs06-018_e/01-e.html
Trust: 1.6
url:http://www.vupen.com/english/advisories/2006/5098
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6713
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6713
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2006/5098
Trust: 0.6
url:http://www.hitachi-support.com/security_e/vuls_e/hs06-018_e/index-e.html
Trust: 0.4
url:http://www.hitachi.com/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/software_inspector/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/23421/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/4505/
Trust: 0.1
sources:
            
            
            BID: 21692 // 
            
            
            
            JVNDB: JVNDB-2006-002634 // 
            
            
            
            PACKETSTORM: 53146 // 
            
            
            
            CNNVD: CNNVD-200612-489 // 
            
            
            
            NVD: CVE-2006-6713

CREDITS
Hitachi
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200612-489

SOURCES
db:CNVDid:CNVD-2006-9290
db:BIDid:21692
db:JVNDBid:JVNDB-2006-002634
db:PACKETSTORMid:53146
db:CNNVDid:CNNVD-200612-489
db:NVDid:CVE-2006-6713

LAST UPDATE DATE
2025-04-10T23:07:43.866000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2006-9290date:2006-12-21T00:00:00
db:BIDid:21692date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2006-002634date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200612-489date:2007-01-03T00:00:00
db:NVDid:CVE-2006-6713date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CNVDid:CNVD-2006-9290date:2006-12-21T00:00:00
db:BIDid:21692date:2006-12-21T00:00:00
db:JVNDBid:JVNDB-2006-002634date:2012-09-25T00:00:00
db:PACKETSTORMid:53146date:2006-12-21T21:14:31
db:CNNVDid:CNNVD-200612-489date:2006-12-22T00:00:00
db:NVDid:CVE-2006-6713date:2006-12-23T01:28:00