IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 15 / 9.0.x < 9.0.1 Fix Pack 7 Interim Fix 1 Multiple Vulnerabilities

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

A business collaboration application running on the remote host is
affected by multiple vulnerabilities.

Description :

According to its banner, the version of IBM Domino (formerly IBM
Lotus Domino) running on the remote host is 8.5.x prior to 8.5.3 Fix
Pack 6 (FP6) Interim Fix 15 (IF15) or 9.0.x prior to 9.0.1 Fix Pack 7
(FP7) Interim Fix 1 (IF1). It is, therefore, affected by the following
vulnerabilities :

- Multiple cross-site scripting (XSS) vulnerabilities
exist in the iNotes component due to improper validation
of user-supplied input. An authenticated, remote
attacker can exploit these, via a specially crafted
request, to execute arbitrary script code in a user's
browser session. (CVE-2016-0282, CVE-2016-5880)

- Multiple cross-site scripting (XSS) vulnerabilities
exist in the iNotes component due to improper validation
of user-supplied input. An unauthenticated, remote
attacker can exploit these, via a specially crafted
request, to execute arbitrary script code in a user's
browser session. (CVE-2016-2938, CVE-2016-2939,
CVE-2016-5881, CVE-2016-5882, CVE-2016-6113,
CVE-2016-5884)

- A denial of service vulnerability exists in the Apache
Commons FileUpload component due to improper handling of
boundaries in content-type headers when handling file
upload requests. An unauthenticated, remote attacker can
exploit this to cause processes linked against the
library to become unresponsive. (CVE-2016-3092)

See also :

https://www-01.ibm.com/support/docview.wss?uid=swg21992835
https://www-01.ibm.com/support/docview.wss?uid=swg21663874
https://www-01.ibm.com/support/docview.wss?uid=swg21657963

Solution :

Upgrade to IBM Domino version 8.5.3 Fix Pack 6 (FP6) Interim Fix 15
(IF15) / 9.0.1 Fix Pack 7 (FP7) Interim Fix 1 (IF1) or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now