Update Protection against IBM Lotus Domino Web Server HTTP Header Buffer Overflow Vulnerability
| Field | Value |
|---|---|
| Check Point Reference: | CPAI-2008-084 |
| Date Published: | |
| Severity: | |
| Last Updated: | |
| Source: | Secunia Advisory: SA30310 |
| Industry Reference(s): | CVE-2008-2240 |
| Protection Provided by: | VPN-1 |
| Who is Vulnerable? | IBM Lotus Domino 6; IBM Lotus Domino 6.5; IBM Lotus Domino 7.0.x prior to 7.0.3 Fix Pack 1 (FP1); IBM Lotus Domino 8.0.x prior to 8.0.1 |
| Vulnerability Description | A stack buffer overflow vulnerability was reported in the IBM Lotus Domino Web Server application. IBM Lotus Domino is a server product that provides enterprise-grade e-mail, collaboration capabilities, and a custom application platform. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. |
| Update/Patch Available | Upgrade to Domino 7.0.3 Fix Pack 1 (FP1) or 8.0.1. Upgrade Central |
| Vulnerability Details | The vulnerability is due to an error in the IBM Lotus Domino Web Server application, which fails to properly handle a header field in certain HTTP requests. An attacker can exploit this issue by sending a specially crafted HTTP request to the target server. Successful exploitation may allow the attacker to execute arbitrary code on the target system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block malformed HTTP requests sent to the vulnerable server. IPS-1 will detect and block HTTP requests whose Accept-Language header exceeds 32 bytes.
In order for the protection to be activated, update your VPN-1/InterSpect/Connectra product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.