OSVDB ID: 35766

Title: IBM Lotus Domino Web Server If-Modified-Since Header Overflow

Dates

Disclosure: Jun 01, 2007
Discovery: Unknown
Exploit: Jun 16, 2010
Solution: Unknown

Description

Lotus Domino is prone to an overflow condition. The Web Server fails to properly sanitize the If-Modified-Since header, resulting in a stack overflow. With a specially crafted HTTP request, a remote attacker can potentially achieve remote code execution.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Commercial
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 7.0.2 Fix Pack 2 (FP2) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

IBM Corporation

Lotus Domino

6.5.3
7.0

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/35766