Lotus Domino HPRAgentName Stack Overflow

2011-07-08T00:00:00
ID SAINT:B2FA82E5F3DF50F4614A79CC0E9E6100
Type saint
Reporter SAINT Corporation
Modified 2011-07-08T00:00:00

Description

Added: 07/08/2011

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

The WebAdmin.nsf resource on the Domino web service contains a buffer overflow vulnerability.

Resolution

No patch is available at this time.

References

<http://www-10.lotus.com/ldd/r5fixlist.nsf/Public/7BE022D035F58F8D8525786F007EC417?OpenDocument>
<http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211>

Limitations

This exploit has been tested against IBM Lotus Domino 8.5 on Windows Server 2003 SP2 English (DEP AlwaysOff). This exploit requires valid credentials for an account that is able to access the /webadmin.nsf resource.

Platforms

Windows