|
IBM Lotus Domino/Notes Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA18328
|
|
|
Release Date:
|
2006-01-06
|
|
Last Update:
|
2006-09-07
|
|
Popularity:
|
18,465 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Unknown
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | IBM Lotus Domino 6.x
IBM Lotus Domino Web Access (iNotes) 6.x
IBM Lotus Notes 6.x
IBM Lotus Notes Client 6.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Some vulnerabilities have been reported in Lotus Domino / Notes, which potentially can be exploited by malicious users to cause a DoS (Denial of Service), or with unknown impact.
1) Some unspecified potential security issues have been reported in Domino and affects the Agents, Router, Web Server, and Security components.
2) An unspecified boundary error in server when performing CD to MIME conversion may cause a buffer overflow. This may be exploited to cause the Router service to crash or become unresponsive.
3) A stack overflow error in Domino for AIX when evaluating a long formula in "Design" can potentially be exploited to crash Domino via an overly long recursive formula.
4) Some unspecified errors in the Directory Services can potentially be exploited to cause a DoS, e.g. via a crash when performing LDAP searches.
5) An unspecified error in the IMAP Server may cause the service to become unresponsive and unable to initiate new IMAP sessions.
6) An unspecified error may cause the server to crash when compact was executed from the client.
7) Several unspecified errors may cause the Web Server to crash when handling corrupted bitmap images or when performing the "Delete Attachment" action.
8) Some unspecified potential DoS issues have been reported in Domino and affects the Directory Services, Java, MIME to CD conversion, and Server components.
9) Some unspecified vulnerabilities have been reported in Notes.
10) Lotus Notes uses a vulnerable version of the dunzip32.dll library.
For more information:
SA12869
Note: Several other issues, which may be security related, have also been fixed.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
