Title: IBM Lotus Domino IMAP4 LSUB Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
IBM Lotus Domino is a client/server product designed for collaborative working environments. Domino Server supports email, scheduling, instant messaging, and data-driven applications.
IBM Lotus Domino Server is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
The vulnerability occurs in the IMAP4 server implementation via the LSUB command. To exploit the issue, an attacker must successfully log in to the server and execute a SUBSCRIBE command with an excessively long mailbox name. The overflow is triggered when the LSUB command is executed, which will cause regions of memory adjacent to the mailbox argument to be overwritten with attacker-supplied data.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
An exploit is available for Lotus Domino Server running on Windows platforms. It is not known if other platforms are affected.
This issue may be related to the IMAP buffer-overflow vulnerability described in BID 26176.
Affected Products:
- IBM Lotus Domino 7.0.2 FP1
References:
- IBM: IBM Homepage
- IBM: Lotus Domino Product Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
