IBM Notes 8.x < 8.5.3 IF4 HF2 / 9.x < 9.0 IF2 Code Execution

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

The remote host has software installed that is affected by a code
execution vulnerability.

Description :

The remote host has a version of Lotus Notes 8.x earlier than 8.5.3
Fix Pack 4 Interim Fix 2 or 9.0 earlier than Interim Fix 2. As such,
it is potentially affected by a code execution vulnerability. A flaw
in the Multi-user Profile Cleanup Service enables an attacker to
execute arbitrary code upon the next logon of a user.

See also :

Solution :

Upgrade to IBM Notes 8.5.3 FP4 Interim Fix 2 / 9.0 Interim Fix 2 or

Risk factor :

Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 66941 ()

Bugtraq ID: 60554

CVE ID: CVE-2013-0536

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now