IBM Lotus Domino < 6.5.6 FP2 Multiple Vulnerabilities

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is affected by multiple
vulnerabilities.

Description :

The version of Lotus Domino on the remote host appears to be older
than 6.5.6 FP2. According to IBM, such versions may be affected by
several security issues, depending on the specific version and its
configuration.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21263871
http://www-01.ibm.com/support/docview.wss?uid=swg27010980

Solution :

Upgrade to Lotus Domino 6.5.6 FP2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 27856 (domino_6_5_6fp2.nasl)

Bugtraq ID: 26176
26298

CVE ID: CVE-2007-3510
CVE-2007-5924