SAINT Corporation, SAINT:146944FA5FB6163AC45B9ED410C6BA40
Nov 02, 2007 - 12:00 a.m.

Lotus Domino IMAP mailbox name buffer overflow

SAINT Corporation
www.saintcorporation.com

EPSS: 0.863 High
Percentile: 98.3%

Added: 11/02/2007
CVE: CVE-2007-3510
BID: 26176
OSVDB: 40953

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending a command containing a long mailbox name to the IMAP service.

Resolution

Upgrade to Lotus Domino 6.5.6 Fix Pack 2, 7.0.3, or 8.0 or higher.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605>
<http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21270623>

Limitations

Exploit works on Lotus Domino 7.0.2 and 7.0.2 Fix Pack 1, and requires valid IMAP authentication credentials.

Platforms

Windows 2000
Windows Server 2003
