At the marvelous Engage conference I had the honor to speak about "How to get my app on mobile?". Between the obvious choices of having a … more
There are 3 recently published vulnerabilities in Lotus Notes/Domino 6.5 and 7:
- IBM Lotus Domino IMAP Server Buffer Overflow Vulnerability
- IBM Lotus Domino Buffer Overflow Vulnerability in LDAP Server Task
- Lotus Domino Web Access Cross-Site Scripting Vulnerability
All 3 are resolved in the versions 6.5.6
and 7.0.1 Fix Pack 1.
Some details :
1. IBM Lotus Domino IMAP Server Buffer Overflow Vulnerability
ZDI (The Zero Day Initiative, associated with TippingPoint) contacted IBM® Lotus® to report a potential denial of service vulnerability with the IBM Lotus Domino IMAP server task.
Advisory ZDI-CAN-060 can be accessed at the following link: http://www.zerodayinitiative.com/advisories.html
If the IMAP server task is enabled on the Domino server, and an attacker is able to telnet to the server, it is possible for an attacker to cause a buffer overflow resulting in a denial of service attack.
2. IBM Lotus Domino Buffer Overflow Vulnerability in LDAP
iDefense contacted IBM Lotus to report a potential denial of service vulnerability with the Lotus Domino LDAP server task. This issue has been fixed in 7.0.2 Fix Pack 1 (FP1) and 6.5.6.
The iDefense advisory can be accessed from the following link: http://www.idefense.com/intelligence/vulnerabilities/
If the LDAP server task is running on the Domino server and a malformed request is submitted to the LDAP server for processing, it may cause a buffer overflow, resulting in a server crash.
3. Lotus Domino Web Access Cross-Site Scripting Vulnerability
iDefense contacted IBM Lotus to report a potential cross site scripting vulnerability in Domino Web Access.
The iDefense advisory can be accessed from the following link: http://labs.idefense.com/intelligence/vulnerabilities/
The Active Content Filter feature, which protects users from potentially malicious code execution upon reading mail in the browser, needed to be updated to account for a particular circumstance.
Sie haben Fragen zu diesem Artikel? Kontaktieren Sie uns gerne: email@example.com
"Drive your dreams" - is the motto of this year's international Engange conference, which will take place in Brussels for three days ... more
9,6% market share and 18% market growth for IBM in the AI sector in 2017 – that is the impressive result of a study … more