Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters

2003-01-13T00:00:00
ID VU:772563
Type cert
Reporter CERT
Modified 2003-01-13T00:00:00

Description

Overview

A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10.

Description

A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containing certain non-ASCII characters. For more information, please see the IBM Technote.


Impact

An intruder can execute arbitrary code with the privileges of the Lotus Domino web server.


Solution

Upgrade to R5.0.10 or later.


Workaround

Log to text files instead of domlog.nsf.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
IBM| | -| 23 Apr 2002
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

Credit

This vulnerability was discovered by The Relay Group .

This document was written by Ian A. Finlay.

Other Information

  • CVE IDs: Unknown
  • Date Public: 23 Apr 2002
  • Date First Published: 13 Jan 2003
  • Date Last Updated: 13 Jan 2003
  • Severity Metric: 36.00
  • Document Revision: 6