Title: Lotus Domino LDAP Message Remote Denial of Service Vulnerability
Severity: HIGH
Description:
IBM Lotus Domino Server is an application framework for web-based collaborative software. It runs on multiple platforms including Microsoft Windows and UNIX.
Lotus Domino Server is prone to a remote denial-of-service vulnerability that occurs when malformed data is sent to the LDAP server on TCP port 389.
Lotus Domino 7.0 is vulnerable; other versions may also be affected.
UPDATE (January 14, 2010): This issue is reported to be caused by a heap-based buffer-overflow vulnerability. A proof of concept is available. Lotus Domino 8.5 Fix Pack 1 (FP1) is also vulnerable.
Affected Products:
- IBM Lotus Domino 7.0.0
- IBM Lotus Domino 7.0.1
- IBM Lotus Domino 7.0.2
- IBM Lotus Domino 7.0.2 FP1
- IBM Lotus Domino 7.0.2 FP2
- IBM Lotus Domino 7.0.2 FP3
- IBM Lotus Domino 7.0.3
- IBM Lotus Domino 7.0.3 Fix Pack 1 (FP1)
- IBM Lotus Domino 8.0
- IBM Lotus Domino 8.0.1
- IBM Lotus Domino 8.0.2.1
- IBM Lotus Domino 8.5
- IBM Lotus Domino 8.5 FP1
References:
- Evgeny Legerov: Lotus Domino 7 (probably 8) LDAP heap overflow
- Evgeny Legerov <research@gleg.net>: ProtoVer LDAP: testing Lotus Domino Server 7.0
- IBM: Lotus Domino Product Homepage
- IBM: Notes/Domino Downloads
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.