Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gain a shell remotely >> Lotus Domino Vulnerabilities


Vulnerability Assessment Details

Lotus Domino Vulnerabilities

Vulnerability Assessment Summary
Checks for the version of the remote Domino Server

Detailed Explanation for this Vulnerability Assessment

The remote Lotus Domino server, according to its version number,
is vulnerable to various buffer overflows affecting it when
it acts as a client (through webretriever) or in LDAP.

A possible hacker may use these to disable this server or
execute arbitrary commands on the remote host.


References :
http://www.rapid7.com/advisories/R7-0011.html
http://www.rapid7.com/advisories/R7-0012.html

Solution : Update to Domino 5.0.12 or 6.0.1
Network Security Threat Level: High

Networks Security ID: 3041, 7038, 7039

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison

Cables, Connectors

New Dynatron Copper Heatsink K199 For Intel Xeon 3400 LGA1155/LGA1156 Lynnfield
$52.78
New Dynatron Copper Heatsink K199 For Intel Xeon 3400 LGA1155/LGA1156 Lynnfield  pictureIntel xeon QQ8B ES Gold 5217 ES Processor 8 Core 16 Threads 2.8G CPU
$280.0
Intel xeon QQ8B  ES Gold 5217 ES Processor 8 Core 16 Threads 2.8G CPU  pictureNew Supermicro Motherboard MBD-X11SPI-TF-O Xeon Single Socket P S3647 C622 Max.1
$543.6
New Supermicro Motherboard MBD-X11SPI-TF-O Xeon Single Socket P S3647 C622 Max.1 pictureIntel Xeon E5-1660 v2 SR1AP 3.7GHz 15MB 6-Core LGA2011 CPU Processor
$190.0
Intel Xeon E5-1660 v2 SR1AP 3.7GHz 15MB 6-Core LGA2011 CPU Processor picture


Discussions

No Discussions have been posted on this vulnerability.