Lotus Domino IMAP mailbox name buffer overflow

2007-11-02T00:00:00
ID SAINT:2337B49A49E5943BFD73E2123BC58553
Type saint
Reporter SAINT Corporation
Modified 2007-11-02T00:00:00

Description

Added: 11/02/2007
CVE: CVE-2007-3510
BID: 26176
OSVDB: 40953

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending a command containing a long mailbox name to the IMAP service.

Resolution

Upgrade to Lotus Domino 6.5.6 Fix Pack 2, 7.0.3, or 8.0 or higher.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605>
http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21270623

Limitations

Exploit works on Lotus Domino 7.0.2 and 7.0.2 Fix Pack 1, and requires valid IMAP authentication credentials.

Platforms

Windows 2000
Windows Server 2003