Skip to main content

IBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities

Last Update Date: 8 Feb 2011 15:25 Release Date: 8 Feb 2011 6416 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in IBM Lotus Domino, which could be exploited by remote attackers to compromise a vulnerable server.

 

1. A stack overflow error related to MIME handling, which could be exploited by remote unauthenticated attackers to execute arbitrary code.

 

2. An error within the Domino Internet Inter-ORB Protocol (DIIOP), which could be exploited by remote attackers to execute arbitrary code.

 

3. An error related to the Domino Internet Inter-ORB Protocol (DIIOP), which could be exploited by remote attackers to execute arbitrary code.

 

4. An access validation error in the Remote Console when handling UNC paths, which could be exploited to bypass authentication and execute arbitrary code.

 

5. A buffer overflow error in the Router component when processing user-supplied requests, which could be exploited by remote unauthenticated attackers to execute arbitrary code.

 

6. A buffer overflow error in the IMAP and POP3 components when processing malformed data, which could be exploited by remote unauthenticated attackers to execute arbitrary code.

 

7. An error when processing LDAP bind requests, which could be exploited by remote attackers to execute arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Lotus Notes versions prior to 8.5.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to IBM Lotus Notes version 8.5.3.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link