Lotus Domino IMAP CRAM-MD5 authentication buffer overflow

Added: 04/23/2007
CVE: CVE-2007-1675
BID: 23172
OSVDB: 34091

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

A buffer overflow vulnerability in the CRAM-MD5 authentication function in the Lotus Domino IMAP service allows remote attackers to execute arbitrary commands by sending a long, specially crafted username.

Resolution

Upgrade to Lotus Domino 6.5.6 or 7.0.2 Fix Pack 1 or higher.

References

http://www.zerodayinitiative.com/advisories/ZDI-07-011.html
http://www-1.ibm.com/support/docview.wss?uid=swg21257028

Limitations

Exploit works on IBM Lotus Domino IMAP Server 6.5.4 on Windows Server 2003 SP0. There may be a delay of approximately one minute before the exploit succeeds.

Platforms

Windows

Back to exploit index