7.0.2

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

ibm

NVD

Published: 2007-03-28

Updated: 2017-07-29

Summary

Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Domino 7.0 IBM Lotus Domino 7.0.1 IBM Lotus Domino 7.0.2	3

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494
http://secunia.com/advisories/24633
http://www.kb.cert.org/vuls/id/927988
http://www.securityfocus.com/bid/23173
http://www.securityfocus.com/bid/23174
http://www.securitytracker.com/id?1017825
http://www.vupen.com/english/advisories/2007/1133
http://www-1.ibm.com/support/docview.wss?uid=swg21257248
https://exchange.xforce.ibmcloud.com/vulnerabilities/33278