'; echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "www.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "www.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "www.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "www.hp-telecom.com") { echo ''; echo 'hp-telecom'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

IMAP Attack (Attack ID:900007)

Release Date:2009-09-27

Attack Name:CRAM-MD5 authentication method buffer overflow

OS Type:Window

Application Type

Severity:Critical

BUG ID

CVE ID

 

Description

This event is generated when an attempt is made to exploit a known vulnerability in Lotus Domino.
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before v6.5.6 and v7.x before v7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.

Affected Systems:
IBM Lotus Domino v6.5.0.

 

Solution

Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.