Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lotus_domino | Ibm | 4.6.1 (including) | 4.6.1 (including) |
| Lotus_domino | Ibm | 4.6.3 (including) | 4.6.3 (including) |
| Lotus_domino | Ibm | 4.6.4 (including) | 4.6.4 (including) |
| Lotus_domino | Ibm | 5.0 (including) | 5.0 (including) |
| Lotus_domino | Ibm | 5.0.1 (including) | 5.0.1 (including) |
| Lotus_domino | Ibm | 5.0.2 (including) | 5.0.2 (including) |
| Lotus_domino | Ibm | 5.0.3 (including) | 5.0.3 (including) |
| Lotus_domino | Ibm | 5.0.4 (including) | 5.0.4 (including) |
| Lotus_domino | Ibm | 5.0.4a (including) | 5.0.4a (including) |
| Lotus_domino | Ibm | 5.0.5 (including) | 5.0.5 (including) |
| Lotus_domino | Ibm | 5.0.6 (including) | 5.0.6 (including) |
| Lotus_domino | Ibm | 5.0.6a (including) | 5.0.6a (including) |
| Lotus_domino | Ibm | 5.0.7 (including) | 5.0.7 (including) |
| Lotus_domino | Ibm | 5.0.7a (including) | 5.0.7a (including) |
| Lotus_domino | Ibm | 5.0.8 (including) | 5.0.8 (including) |
| Lotus_domino | Ibm | 5.0.8a (including) | 5.0.8a (including) |
| Lotus_domino | Ibm | 5.0.9 (including) | 5.0.9 (including) |
| Lotus_domino | Ibm | 5.0.9a (including) | 5.0.9a (including) |
| Lotus_domino | Ibm | 5.0.10 (including) | 5.0.10 (including) |
| Lotus_domino | Ibm | 5.0.11 (including) | 5.0.11 (including) |
| Lotus_notes_client | Ibm | 5.0 (including) | 5.0 (including) |
| Lotus_notes_client | Ibm | 5.0.1 (including) | 5.0.1 (including) |
| Lotus_notes_client | Ibm | 5.0.2 (including) | 5.0.2 (including) |
| Lotus_notes_client | Ibm | 5.0.3 (including) | 5.0.3 (including) |
| Lotus_notes_client | Ibm | 5.0.4 (including) | 5.0.4 (including) |
| Lotus_notes_client | Ibm | 5.0.5 (including) | 5.0.5 (including) |
| Lotus_notes_client | Ibm | 5.0.9a (including) | 5.0.9a (including) |
| Lotus_notes_client | Ibm | 5.0.10 (including) | 5.0.10 (including) |
| Lotus_notes_client | Ibm | 5.0.11 (including) | 5.0.11 (including) |
| Lotus_notes_client | Ibm | r5 (including) | r5 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2
- http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://www.kb.cert.org/vuls/id/411489
- http://www.rapid7.com/advisories/R7-0011.html
- http://www.securityfocus.com/bid/7038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11525
- http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2
- http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://www.kb.cert.org/vuls/id/411489
- http://www.rapid7.com/advisories/R7-0011.html
- http://www.securityfocus.com/bid/7038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11525