There are 3 recently published vulnerabilities
in Lotus Notes/Domino 6.5 and 7:
- IBM Lotus Domino IMAP Server Buffer Overflow Vulnerability
- IBM Lotus Domino Buffer Overflow Vulnerability in LDAP Server Task
- Lotus Domino Web Access Cross-Site Scripting Vulnerability
All 3 are resolved in the versions 6.5.6
and 7.0.1 Fix Pack 1.
Some details :
1. IBM Lotus Domino IMAP Server Buffer
Overflow Vulnerability
ZDI (The Zero Day Initiative, associated
with TippingPoint) contacted IBM® Lotus® to report a potential denial of
service vulnerability with the IBM Lotus Domino IMAP server task.
Advisory ZDI-CAN-060 can be accessed
at the following link: http://www.zerodayinitiative.com/advisories.html
If the IMAP server task is enabled on
the Domino server, and an attacker is able to telnet to the server, it
is possible for an attacker to cause a buffer overflow resulting in a denial
of service attack.
2. IBM Lotus Domino Buffer Overflow
Vulnerability in LDAP
iDefense contacted IBM Lotus to report
a potential denial of service vulnerability with the Lotus Domino LDAP
server task. This issue has been fixed in 7.0.2 Fix Pack 1 (FP1) and 6.5.6.
The iDefense advisory can be accessed
from the following link: http://www.idefense.com/intelligence/vulnerabilities/
If the LDAP server task is running on
the Domino server and a malformed request is submitted to the LDAP server
for processing, it may cause a buffer overflow, resulting in a server crash.
3. Lotus Domino Web Access Cross-Site
Scripting Vulnerability
iDefense contacted IBM Lotus to report
a potential cross site scripting vulnerability in Domino Web Access.
The iDefense advisory can be accessed
from the following link: http://labs.idefense.com/intelligence/vulnerabilities/
The Active Content Filter feature, which
protects users from potentially malicious code execution upon reading mail
in the browser, needed to be updated to account for a particular circumstance.