IBM Lotus Domino LDAP Message Heap Based Buffer Overflow Vulnerability
Date Discovered: 01/20/2009
Severity: High
Applications Affected: IBM Lotus Domino 7.0, IBM Lotus Domino 8.5
Type: Remote
Identifiers: CVE-2010-0358
Synopsis
IBM Lotus Domino Server is prone to a remote heap-based buffer overflow vulnerability, which could be exploited to cause a heap-based buffer overflow in the security context of the logged-in user.
Recommended Actions
Allow only trusted users.
Threat Analysis
Lotus Domino is IBM's reliable, scalable, and security-rich business collaboration server software, providing e-mail, collaboration capabilities, and a custom application platform.
IBM Lotus Domino Server is prone to a remote heap-based buffer overflow vulnerability. The vulnerability is triggered by a long string in a crafted LDAP message sent to a TCP port. Successful exploitation allows remote attackers to cause the daemon to exit, resulting in a denial-of-service condition.