Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lotus_domino | Ibm | 5.0 (including) | 5.0 (including) |
| Lotus_domino | Ibm | 5.0.1 (including) | 5.0.1 (including) |
| Lotus_domino | Ibm | 5.0.2 (including) | 5.0.2 (including) |
| Lotus_domino | Ibm | 5.0.3 (including) | 5.0.3 (including) |
| Lotus_domino | Ibm | 5.0.4 (including) | 5.0.4 (including) |
| Lotus_domino | Ibm | 5.0.4a (including) | 5.0.4a (including) |
| Lotus_domino | Ibm | 5.0.5 (including) | 5.0.5 (including) |
| Lotus_domino | Ibm | 5.0.6 (including) | 5.0.6 (including) |
| Lotus_domino | Ibm | 5.0.6a (including) | 5.0.6a (including) |
| Lotus_domino | Ibm | 5.0.7 (including) | 5.0.7 (including) |
| Lotus_domino | Ibm | 5.0.7a (including) | 5.0.7a (including) |
| Lotus_domino | Ibm | 5.0.8 (including) | 5.0.8 (including) |
| Lotus_domino | Ibm | 5.0.9 (including) | 5.0.9 (including) |
| Lotus_domino | Ibm | 5.0.9a (including) | 5.0.9a (including) |