A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10.
A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containing certain non-ASCII characters. For more information, please see the IBM Technote.
An intruder can execute arbitrary code with the privileges of the Lotus Domino web server.
Upgrade to R5.0.10 or later.
Log to text files instead of domlog.nsf.
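A defensive check for the condition described above, as an added example that is not part of the original advisory: it scans raw HTTP requests for an authentication header that is both overly long and contains non-ASCII bytes. The 256-byte threshold, the header names matched and the sample requests are assumptions constructed for illustration; the advisory does not state a length.

```python
# Added example: flag HTTP requests whose authentication header is both
# unusually long and contains non-ASCII bytes (the condition the advisory names).
MAX_AUTH_LEN = 256  # assumed threshold, not from the advisory; tune per site
AUTH_HEADERS = (b"authorization", b"authenticate")  # assumed header names to watch


def suspicious_auth_headers(raw_request: bytes, max_len: int = MAX_AUTH_LEN):
    """Return (header_name, value_length, non_ascii_count) per flagged header."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]  # headers only, ignore any body
    findings = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if not sep:
            continue  # malformed header line, nothing to inspect
        name = name.strip().lower()
        # Also matches Proxy-Authorization and WWW-Authenticate by suffix.
        if not any(name.endswith(h) for h in AUTH_HEADERS):
            continue
        value = value.strip()
        non_ascii = sum(1 for b in value if b >= 0x80)
        if len(value) > max_len and non_ascii:
            findings.append((name.decode("ascii", "replace"), len(value), non_ascii))
    return findings


# Constructed sample requests (not captured traffic).
BENIGN = (b"GET / HTTP/1.0\r\nHost: www.example.com\r\n"
          b"Authorization: Basic dXNlcjpwYXNz\r\n\r\n")
LONG_ASCII = (b"GET / HTTP/1.0\r\nHost: www.example.com\r\n"
              b"Authorization: Basic " + b"A" * 600 + b"\r\n\r\n")
LONG_NON_ASCII = (b"GET / HTTP/1.0\r\nHost: www.example.com\r\n"
                  b"Authorization: Basic " + b"\xe9" * 600 + b"\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("long-ascii", LONG_ASCII),
                       ("long-non-ascii", LONG_NON_ASCII)):
        print(label, suspicious_auth_headers(req))
```

The check works on raw request bytes rather than decoded strings, so non-ASCII bytes are counted before any character-set handling can alter them.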
Vendor | Status | Date Notified | Date Updated
IBM | | - | 23 Apr 2002
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
This vulnerability was discovered by The Relay Group.
This document was written by Ian A. Finlay.