Description
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by SkuLL-HackeR · python · remote · windows
https://www.exploit-db.com/exploits/9596
exploitdb
WORKING POC
VERIFIED
by His0k4 · ruby · remote · windows
https://www.exploit-db.com/exploits/9592
exploitdb
WORKING POC
VERIFIED
by blake · python · remote · windows
https://www.exploit-db.com/exploits/9586
exploitdb
WORKING POC
VERIFIED
by Joxean Koret · python · remote · linux
https://www.exploit-db.com/exploits/4315
References (8)
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018612
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26613
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3061
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25460
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/477821/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36272
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2976
Scores
EPSS
0.5528
EPSS Percentile
98.1%
Details
CWE
CWE-119
Status
published
Products (1)
alpha_centauri_software/sidvault_ldap_server
< 2.0e
Published
Aug 28, 2007
Tracked Since
Feb 18, 2026