(0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability -- DOMINO400

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.

Anyone address the following? If so, how?

(0day) IBM Lotus Domino Server Controller Authentication Bypass Remote
Code Execution Vulnerability
Zero Day Initiative's (ZDI) released a public announcement concerning a
vulnerability in IBM's Lotus Domino Server. The Domino server uses a user
supplied COOKIEFILE path variable to retrieve stored credentials when
authenticating the user. An attacker could supply a UNC path as the
COOKIEFILE where they control both the "known good credentials" and the
challenge credentials, thereby insuring a match. Successful exploitation
of this vulnerability could allow the attacker to execute arbritary code
as the SYSTEM user. IBM has not released a patch for this vulnerability,
yet, but they do offer means to mitigate the problem. The administrator
can set a console password, thus providing another layer of authentication
and can limit the available commands in the console. Restricting access to
port 2050/tcp on the servers running Domino Server to only the authorized
hosts that need access to the Domino Servers can further mitigate this
vulnerability.
http://www.zerodayinitiative.com/advisories/ZDI-11-110/

Rob Berendt

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.