Lotus Domino
IBM Lotus Domino IMAP Buffer Overflow Vulnerability
iDefense Security Advisory 10.23.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 23, 2007
I. BACKGROUND
IBM Lotus Domino Server software provides messaging, calendaring and
scheduling capabilities on a variety of operating systems. More
ZDI-11-048: IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-048
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-177
September 14, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
ZDI-11-049: IBM Lotus Domino SMTP Multiple Filename Arguments Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-049
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-045
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-047: IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-047
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-046: IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-046
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
1. On the Windows Desktop, in Administrative Tools, open Services.
2. Right-click BlackBerry Dispatcher and click Stop.
3. Right-click BlackBerry Dispatcher and click Start.
4. Close Services.
In IBM Lotus Domino environments, complete the following additional
steps:
1. Open the IBM Lotus Domino Administrator.
2. Click the Server tab.
3. Click the Status tab.
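The Windows half of the restart above can be done from an elevated PowerShell session with explicit state checks instead of clicking through Services. This is an added example, not part of the original advisory text or of BlackBerry/IBM documentation; it assumes the service's display name is exactly "BlackBerry Dispatcher" (as shown in the GUI steps) and that the session runs with administrative rights on the BES host. The Domino Administrator steps remain a manual check.

```powershell
# Added example: restart the BlackBerry Dispatcher service with state
# verification. Assumes display name 'BlackBerry Dispatcher' and an
# elevated PowerShell session (assumptions, not taken from the page).
$displayName = 'BlackBerry Dispatcher'
$svc = Get-Service -DisplayName $displayName -ErrorAction Stop

# Stop the service and wait until the SCM actually reports Stopped
# (a plain Stop/Start click sequence can race a slow shutdown).
if ($svc.Status -ne 'Stopped') {
    Stop-Service -InputObject $svc -Force -ErrorAction Stop
    $svc.WaitForStatus('Stopped', [TimeSpan]::FromMinutes(2))
}

# Start it again and wait for Running.
Start-Service -InputObject $svc -ErrorAction Stop
$svc.WaitForStatus('Running', [TimeSpan]::FromMinutes(2))

# Re-read the state and fail loudly if the service did not come back.
$svc.Refresh()
if ($svc.Status -ne 'Running') {
    Write-Error "$displayName did not return to Running (state: $($svc.Status))"
    exit 1
}
Write-Output "$displayName restarted, current state: $($svc.Status)"
```

WaitForStatus throws a timeout exception if the service hangs in a pending state, which is the failure you want surfaced rather than a silent partial restart.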
-- Affected Vendors:
IBM
-- Affected Products:
IBM Lotus Domino
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 10597.
For further product information on the TippingPoint IPS, visit:
-- Affected Vendors:
IBM
-- Affected Products:
IBM Lotus Domino
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 10173.
For further product information on the TippingPoint IPS, visit:
ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-110
March 22, 2011
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 02, 2010
I. BACKGROUND
IBM Lotus Domino includes an ActiveX control called Domino Web Access,
which provides Web-based access for Lotus Notes users. The control
features functionality that is used for uploading files and clearing
the cache upon logout. For more information, see the vendor's site
found at the following link.
inject arbitrary web script or HTML via the Expect HTTP header.
OSVDB  Disclosed   Title
5835   2000-09-12  AS/400 Firewall Malformed GET Request DoS
9787   1999-05-04  IBM Lotus Domino for AS/400 SMTP Component Long String Remote DoS
11018  1997-04-17  Microsoft SNA Server AS/400 Local APPC LU Shared Folder Disclosure
15074  2005-03-23  AS/400 Multiple Emulator STRPCO / STRPCCMD Command Execution
a) check to see if a vulnerability has been published
b) test current software
c) include the full name of the product you are testing
"IBM Lotus 6.x", presumably IBM Lotus Domino is currently around version
8.5 or so, per the link you provided:
http://www-01.ibm.com/software/lotus/
*Vulnerability Description*
Lotus Notes is the integrated email, calendar, instant messenger, browser
and business collaboration application developed by IBM to work as a
desktop client in conjunction with IBM’s Lotus Domino server application.
The email functionality of Lotus Notes supports previewing and processing
file attachments in various formats. To preview and process files in the
Lotus Worksheet File format (WKS) used by Lotus 1-2-3 the email client
uses a library from a third-party software vendor (Autonomy’s Verity
Affected Products
=================
Cisco Unity is a voice and unified messaging platform. Cisco Unity can
be configured to interoperate with Microsoft Exchange or IBM Lotus
Domino enabling users to access e-mail, voice, and fax messages from a
single inbox.
Vulnerable Products
+------------------
Reference: http://www.securityfocus.com/bid/26146
Overview:
Lotus Domino is a client/server product designed for collaborative
working environments. Domino is designed for e-mail, scheduling,
instant messaging and data driven applications.
There exists a vulnerability in the way memory mapped files are
used under Windows. The result of which is that if the Lotus Notes
- Norman Internet Control
- Norman Virus Control E-mail plugins
- Norman Endpoint Protection
- Norman Security Suite
- Norman Network Protection
- Norman Virus Control for Lotus Domino
- Norman Virus Control for Exchange
- Norman Virus Control for Linux
- Norman Virus Control for Novell Netware (FireBreak)
- Norman Email Protection
- Norman Email Protection Appliance
- ESET NOD32 Antivirus 4 (before 15/04/2009)
- ESET Smart Security 4 Business Edition (before 15/04/2009)
- ESET NOD32 Antivirus 4 Business Edition (before 15/04/2009)
- ESET NOD32 Antivirus for Exchange Server (before 15/04/2009)
- ESET Mail Security (before 15/04/2009)
- ESET NOD32 Antivirus for Lotus Domino Server (before 15/04/2009)
- ESET File Security (before 15/04/2009)
- ESET Novell Netware (before 15/04/2009)
- ESET DELL STORAGE SERVERS (before 15/04/2009)
- ESET NOD32 Antivirus for Linux gateway devices (before 15/04/2009)
- Command line version : NOD32 prior to 3.0.677
- ESET NOD32 Antivirus 4 (update #4036)
- ESET Smart Security 4 Business Edition (update #4036)
- ESET NOD32 Antivirus 4 Business Edition (update #4036)
- ESET NOD32 Antivirus for Exchange Server (update #4036)
- ESET Mail Security (update #4036)
- ESET NOD32 Antivirus for Lotus Domino Server (update #4036)
- ESET File Security (update #4036)
- ESET Novell Netware (update #4036)
- ESET DELL STORAGE SERVERS (update #4036)
- ESET NOD32 Antivirus for Linux gateway devices (update #4036)
I. BACKGROUND
IBM Corp.'s Lotus Notes software is an integrated desktop client option
for accessing e-mail, calendars and applications on an IBM Corp. Lotus
Domino server. More information can be found by visiting the URL below.
http://www-142.ibm.com/software/sw-lotus/products/product4.nsf/wdocs/noteshomepage
II. DESCRIPTION
I. BACKGROUND
IBM Corp.'s Lotus Notes software is an integrated desktop client option
for accessing e-mail, calendars and applications on an IBM Corp. Lotus
Domino server. More information can be found by visiting the URL below.
http://www-01.ibm.com/software/lotus/
II. DESCRIPTION
Remote exploitation of a stack buffer overflow vulnerability in IBM
* avast! 4 Server Edition Plug-ins
* avast! 4 Exchange Server Edition (impact high, complete bypass)
* avast! 4 ISA Server Edition (impact high, complete bypass)
* avast! 4 SharePoint Server Edition (impact high, complete bypass)
* avast! 4 SMTP Server Edition (impact high, complete bypass)
* avast! 4 Lotus Domino Edition (impact high, complete bypass)
* avast! Distributed Network Manager (impact high, complete bypass)
* avast! 4 Professional (impact unknown)
* avast! 4 BART CD (impact unknown)
* avast! for Linux/Unix Server (impact high, complete bypass)
* avast! for PDA (impact unknown)