How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

Check Point Advisories

Update Protection against IBM Lotus Domino IMAP Server Buffer Overflow

Check Point Reference: CPAI-2007-337
Date Published: 31 Dec 2007
Severity: Critical
Last Updated: 31 Dec 2010
Source: Secunia Advisory: SA27321
Industry Reference:CVE-2007-3510
Protection Provided by:
Who is Vulnerable? IBM Lotus Domino 6.x prior to 6.5.6 Fix Pack 2
IBM Lotus Domino 7.x prior to 7.0.3
Vulnerability Description IBM Lotus Domino Server is a collaboration software that provides mail, messaging, calendaring and scheduling capabilities across multiple OS platforms. The product implements numerous services based on open standards, including SMTP, IMAP, and POP3. Lotus Notes is the client implementation of the Lotus office product which is specifically designed to interact with Lotus Domino Server; however, the Lotus Domino Server can communicate with other client products via the standard formats mentioned above.
Vulnerability DetailsThere exists a buffer overflow vulnerability in the way IBM Lotus Domino IMAP Server handles LSUB requests. The vulnerability is due to lack of boundary protection while processing the subscribed mailbox names. A remote authenticated attacker may exploit this vulnerability to cause a denial of service condition or inject and execute arbitrary code on the vulnerable system within the security context of the affected service, normally System.
In a sophisticated attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the affected service, which is normally the System.
In an attack case where code injection is not successful, the affected server will terminate and all established connections will also be terminated.

Protection Overview