| VID |
22364 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
A version of Lotus Domino Server which is older than versions 6.0.5 and 6.5.4 is detected as running on the host. IBM Lotus Notes and Lotus Domino versions prior to 6.5.4 and 6.0.5 are vulnerable to multiple vulnerabilities, which can be exploited by a remote attacker to cause a denial of service or compromise a vulnerable system.
1) A boundary error within the Domino Server when processing certain time/date fields, which can be updated from the web, can be exploited to cause a buffer overflow by passing a specially crafted POST request.
2) A format string error in the Domino server when handling authentication using the NRPC Notes protocol can be exploited via a specially crafted string containing format specifiers.
3) An unspecified boundary error in NOTES.INI on a Lotus Notes client can be exploited to cause a buffer overflow.
4) An error in the SetHTTPHeader function can be exploited to inject arbitrary content into the header and potentially conduct HTTP response splitting attacks or proxy cache poisoning.
* Note: This check solely relied on the banner of the remote HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21202431
http://www.ngssoftware.com/advisories/lotus-01.txt
http://secunia.com/advisories/14879/
http://www.kb.cert.org/vuls/id/699798
* Platforms Affected:
IBM Lotus Notes and Lotus Domino versions prior to 6.5.4 and 6.0.5
Any operating system Any version |
| Recommendation |
Upgrade to the latest Maintenance Release of Lotus Notes/Domino (6.5.4 or 6.0.5 or later), available from the IBM Support Services Web page at http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21201845 |
| Related URL |
CVE-2005-1101,CVE-2005-1405,CVE-2005-1441,CVE-2005-1442 (CVE) |
| Related URL |
13130 (SecurityFocus) |
| Related URL |
20042,20043,20044,20045 (ISS) |
|
