Executive Summary
Summary | |
---|---|
Title | IBM Lotus Domino server mailbox name stack buffer overflow |
Informations | |||
---|---|---|---|
Name | VU#676632 | First vendor Publication | 2017-04-17 |
Vendor | VU-CERT | Last vendor Modification | 2017-04-27 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#676632IBM Lotus Domino server mailbox name stack buffer overflowOverviewThe IBM Lotus Domino server IMAP service contains a stack-based buffer overflow vulnerability in IMAP commands that refer to a mailbox name. This can allow a remote, authenticated attacker to execute arbitrary code with the privileges of the Domino server Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis document was written by Will Dormann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/676632 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 5 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-06-05 | Multiple IMAP servers DELETE command buffer overflow attempt RuleID : 46484 - Revision : 2 - Type : SERVER-MAIL |
2016-03-14 | Multiple IMAP servers EXAMINE command buffer overflow attempt RuleID : 37375 - Revision : 4 - Type : SERVER-MAIL |
2014-01-10 | STATUS overflow attempt RuleID : 3072-community - Revision : 19 - Type : PROTOCOL-IMAP |
2014-01-10 | STATUS overflow attempt RuleID : 3072 - Revision : 19 - Type : PROTOCOL-IMAP |
2014-01-10 | Multiple IMAP servers CREATE command buffer overflow attempt RuleID : 17239 - Revision : 12 - Type : SERVER-MAIL |
2014-01-10 | Multiple IMAP servers APPEND command buffer overflow attempt RuleID : 10011 - Revision : 18 - Type : SERVER-MAIL |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-12-21 | Name : A business collaboration application running on the remote host is affected b... File : domino_8_5_3fp6_if17.nasl - Type : ACT_GATHER_INFO |
2017-04-26 | Name : A business collaboration application running on the remote host is affected b... File : domino_swg22002280.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-05-05 17:24:51 |
|
2017-04-27 17:23:13 |
|
2017-04-22 05:22:42 |
|
2017-04-22 00:21:44 |
|
2017-04-19 17:22:41 |
|
2017-04-19 05:21:51 |
|
2017-04-19 00:22:21 |
|
2017-04-18 00:22:55 |
|