Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Communigate Pro < 5.0.7 LDAP Module BER Decoding DoS

High

Synopsis

The remote application is prone to denial of service attacks.

Description

The remote host appears to be running CommuniGate Pro, a commercial email and groupware application. The version of CommuniGate Pro installed on the remote host includes an LDAP server that reportedly fails to handle requests with negative BER lengths. A user can leverage this issue to crash not just the LDAP server but also the entire application on the remote host.

Solution

Upgrade to version 5.0.7 or higher.