Lucene search
SAINT CorporationSAINT:58C0973BD45680172E13504112222964HistoryMay 30, 2008 - 12:00 a.m.
IBM Lotus Sametime Community Services Multiplexer buffer overflow
2008-05-3000:00:00
SAINT Corporation
download.saintcorporation.com
17
0.968 High
EPSS
Percentile
99.7%
Added: 05/30/2008
CVE: CVE-2008-2499
BID: 29328
OSVDB: 45610
Background
IBM Lotus Sametime is enterprise instant messaging and web conferencing software.
Problem
A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesting a long, specially crafted URL.
Resolution
Upgrade to Sametime 8.0.1 or apply one of the workarounds described in the Technote.
References
<http://www.zerodayinitiative.com/advisories/ZDI-08-028/>
Limitations
Exploit works on IBM Lotus Sametime 8.0.
Platforms
Windows 2000
Windows Server 2003
Related
cve
cve
CVE-2008-2499
2008-05-29 16:32:00
zdi
zdi
packetstorm
packetstorm
IBM Lotus Domino Sametime STMux.exe Stack Overflow
2009-11-26 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_SAMETIME
2008-05-29 16:32:00
nvd
nvd
CVE-2008-2499
2008-05-29 16:32:00
nessus
nessus
IBM Lotus Sametime Multiplexer Buffer Overflow
2013-09-24 00:00:00
saint
saint
IBM Lotus Sametime Community Services Multiplexer buffer overflow
2008-05-30 00:00:00
IBM Lotus Sametime Community Services Multiplexer buffer overflow
2008-05-30 00:00:00
IBM Lotus Sametime Community Services Multiplexer buffer overflow
2008-05-30 00:00:00
kaspersky
kaspersky
KLA10203 ACE vulnerability in IBM Lotus Sametime
2008-05-29 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Lotus Sametime Server Multiplexer Stack Buffer Overflow (CVE-2008-2499)
2009-11-16 00:00:00
cvelist
cvelist
CVE-2008-2499
2008-05-29 16:00:00
prion
prion
Stack overflow
2008-05-29 16:32:00