Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow

Added: 09/24/2010
CVE: CVE-2010-3407
BID: 43219
OSVDB: 68040

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

A buffer overflow in the nrouter.exe service allows remote attackers to execute arbitrary commands by sending an iCalendar message containing a long, specially crafted MAILTO header to an e-mail address on the server.

Resolution

Upgrade to Lotus Domino 8.0.2 Fix Pack 5, 8.5.1 Fix Pack 2, or 8.5.2 or higher.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21446515
http://www.zerodayinitiative.com/advisories/ZDI-10-177/

Limitations

Exploit works on Lotus Domino 8.5 and requires the e-mail address of a valid mailbox on the server.

Platforms

Windows

Back to exploit index