search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters

Vulnerability Note VU#772563

Original Release Date: 2003-01-13 | Last Revised: 2003-01-13

Overview

A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10.

Description

A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containing certain non-ASCII characters. For more information, please see the IBM Technote.

Impact

An intruder can execute arbitrary code with the privileges of the Lotus Domino web server.

Solution

Upgrade to R5.0.10 or later.

Workaround

Log to text files instead of domlog.nsf.

Vendor Information

772563
 
Expand all

IBM Affected

Updated:  April 23, 2002

Status

Affected

Vendor Statement

Please see http://www-1.ibm.com/support/manager.wss?rs=0&rt=0&org=sims&doc=96F6A9D96DFD8BB585256B8A005A8C57.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was discovered by The Relay Group.

This document was written by Ian A. Finlay.

Other Information

CVE IDs: None
Severity Metric: 36.00
Date Public: 2002-04-23
Date First Published: 2003-01-13
Date Last Updated: 2003-01-13 15:28 UTC
Document Revision: 6

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis