 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902419 |
| Categoría: | Buffer overflow |
| Título: | IBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities |
| Resumen: | IBM Lotus Domino Server is prone to multiple vulnerabilities. |
| Descripción: | Summary: IBM Lotus Domino Server is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Stack overflow in the SMTP service, which allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message. - Buffer overflow in nLDAP.exe, which allows remote attackers to execute arbitrary code via an LDAP Bind operation. - Stack overflow in the NRouter service, which allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages. - Multiple stack overflows in the POP3 and IMAP services, which allows remote attackers to execute arbitrary code via non-printable characters in an envelope sender address. - The Remote Console, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors. Vulnerability Impact: Successful exploitation may allow remote attackers to execute arbitrary code in the context of the Lotus Domino server process or bypass authentication. Affected Software/OS: IBM Lotus Domino versions 8.5.3 prior Solution: Upgrade to version 8.5.2 FP3 or 8.5.3 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0916 http://zerodayinitiative.com/advisories/ZDI-11-049/ http://secunia.com/advisories/43247 Common Vulnerability Exposure (CVE) ID: CVE-2011-0918 http://www-01.ibm.com/support/docview.wss?uid=swg21461514 http://zerodayinitiative.com/advisories/ZDI-11-046/ http://secunia.com/advisories/43224 Common Vulnerability Exposure (CVE) ID: CVE-2011-0919 Bugtraq: 20110207 ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516232/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-045/ Common Vulnerability Exposure (CVE) ID: CVE-2011-0920 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |