IBM Domino 8.5.x < 8.5.3 Fix Pack 5 Interim Fix 1 iNotes Buffer Overflow

Severity: High. Nessus Plugin ID: 74222

Synopsis

The remote server is affected by a buffer overflow vulnerability.

Description

According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 8.5.3 prior to 8.5.3 Fix Pack 5 (FP5) Interim Fix 1 (IF1). It is therefore affected by a buffer overflow in the iNotes component that could allow an authenticated user to execute arbitrary code.

Solution

Upgrade to IBM Domino 8.5.3 FP5 IF1 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21649476

http://www-01.ibm.com/support/docview.wss?uid=swg21650146

Plugin Details

Severity: High

ID: 74222

File Name: domino_8_5_3fp5_if1.nasl

Version: 1.2

Type: remote

Family: Misc.

Published: 2014/05/28

Updated: 2018/07/10

Dependencies: 27855

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:domino, cpe:/a:ibm:inotes

Required KB Items: Domino/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/09/17

Vulnerability Publication Date: 2013/09/17

Reference Information

CVE: CVE-2013-4068

BID: 62481