IBM Plugs Two Holes in Lotus Domino Security

Mar 29, 2007

The company patches flaws that could have allowed hackers to execute code remotely in Lotus Domino Web Access, Lotus Domino Server 7.0.1

IBM has patched two vulnerabilities uncovered last year in its Lotus Domino product line.

Both vulnerabilities were fixed in Lotus Domino 6.5.6 and 7.0.2 Fix Pack 1. Last August, Sterling, Va.-based iDefense Labs reported a cross-site scripting vulnerability affecting IBM Lotus Domino Web Access, a Web-based messaging and collaboration interface for the Lotus Domino server.

"The vulnerability specifically exists due to improper HTML filtering of e-mail message contents. Although Web Access attempts to filter out HTML and script code, certain code sequences will bypass the filters and successfully execute JavaScript," according to iDefense.

IBM officials stated in an advisory that the Active Content Filter feature needed to be updated to thwart the attack.

The second flaw is a heap overflow vulnerability affecting IBM Lotus Domino Server software, which provides messaging and scheduling capabilities on a number of operating systems. If a hacker were to exploit the vulnerability in the directory service (LDAP) component of IBM's Lotus Domino Server 7.0.1 remotely, the hacker could cause a denial of service or execute arbitrary code. It was reported to IBM by iDefense in October.

"When a malformed request is made to the LDAP component of a Lotus Domino Enterprise Server, a heap overflow can be triggered," according to a security alert posted by iDefense. "The vulnerability specifically exists in the handling of strings larger than 65,535 bytes. When a string longer than this value is encountered, the service allocates memory using only the lower 16 bits of the string length. Since the entire string is subsequently copied into the newly allocated buffer, a heap-overflow occurs."

Although the service does not run as root, it does run as the same user as many other components of the Lotus Domino Server and therefore an attacker may gain access to sensitive information or subvert the server. In order to attempt exploitation, however, attackers must be able to connect to the LDAP service, according to the iDefense advisory.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Thanksgiving travel woes? There's an app for that

add to favorites email to friend print save as pdf

Related Stories

IBM Ships Lotus Notes and Domino 8

Aug 17, 2007

IBM announced that after two years in development and testing by more than 25,000 businesses around the world, Lotus Notes 8 and Lotus Domino 8 will be generally available today, Friday, August 17. IBM Lotus ...

IBM, 3Com Collaborate on VOIP

Mar 26, 2007

The two vendors are integrating IP telephony with e-mail, messaging and core business process applications in a new offering based on IBM's System i server platform.

IBM Announces Public Beta for Lotus Notes and Domino 8

Mar 16, 2007

IBM today announced that users can now download and try IBM Lotus Notes and Domino 8, a next generation email and collaboration platform that helps users streamline daily business tasks that run across a variety ...

Recommended for you

Thanksgiving travel woes? There's an app for that

2 hours ago

Traveling by plane, train or automobile can be a headache. Mixing in Thanksgiving can make it a throbbing migraine. Technology provides some pain relief in the form of apps to let you know which roads are ...

Singapore moves to regulate taxi booking apps

Nov 21, 2014

Singapore on Friday announced new rules for mobile taxi booking apps, including US-based Uber, in the latest move by governments around the world to regulate the increasingly popular services.

Protecting personal data in the cloud

Nov 20, 2014

IBM today announced it has patented the design for a data privacy engine that can more efficiently and affordably help businesses protect personal data as it is transferred between countries, including across private clouds.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.