CVE-2003-0178 - Buffer Overflow vulnerability in IBM Lotus Domino Web Server 6.0
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | COMPLETE |
Integrity impact | COMPLETE |
Availability impact | COMPLETE |
Summary
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Nessus
NASL family | Web Servers |
NASL id | DOMINO6_OVERFLOWS.NASL |
description | The remote Lotus Domino server, according to its version number, is vulnerable to various buffer overflow and denial of service attacks. An attacker may use these to disable this server or execute arbitrary commands on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11386 |
published | 2003-03-14 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11386 |
title | IBM Lotus Domino 6.0 Multiple Vulnerabilities |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
- http://marc.info/?l=bugtraq&m=104550063431461&w=2
- http://marc.info/?l=bugtraq&m=104550063431463&w=2
- http://marc.info/?l=bugtraq&m=104550335103136&w=2
- http://marc.info/?l=ntbugtraq&m=104558777331345&w=2
- http://marc.info/?l=ntbugtraq&m=104558777531350&w=2
- http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://www.kb.cert.org/vuls/id/206361
- http://www.kb.cert.org/vuls/id/542873
- http://www.kb.cert.org/vuls/id/772817
- http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
- http://www.nextgenss.com/advisories/lotus-inotesoflow.txt
- http://www.securityfocus.com/bid/6870
- http://www.securityfocus.com/bid/6871
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11337