If you are running on the IBM i platform, you don't have to worry about
this issue. The remote console provided by Lotus is not supported on IBM
i. Why? Because the IBM i platform has since day 1, provided the
WRKDOMCSL command, which can be used to remotely (via any 5250 terminal)
connect to a Domino server and issue commands to the server.





rob@xxxxxxxxx
Sent by: domino400-bounces+cmc=us.ibm.com@xxxxxxxxxxxx
03/25/2011 08:16 AM
Please respond to Lotus Domino on the iSeries / AS400

To: domino400@xxxxxxxxxxxx
cc:
Subject: (0day) IBM Lotus Domino Server Controller
Authentication Bypass Remote Code Execution Vulnerability


Anyone address the following? If so, how?

(0day) IBM Lotus Domino Server Controller Authentication Bypass Remote
Code Execution Vulnerability
Zero Day Initiative's (ZDI) released a public announcement concerning a
vulnerability in IBM's Lotus Domino Server. The Domino server uses a user
supplied COOKIEFILE path variable to retrieve stored credentials when
authenticating the user. An attacker could supply a UNC path as the
COOKIEFILE where they control both the "known good credentials" and the
challenge credentials, thereby insuring a match. Successful exploitation
of this vulnerability could allow the attacker to execute arbritary code
as the SYSTEM user. IBM has not released a patch for this vulnerability,
yet, but they do offer means to mitigate the problem. The administrator
can set a console password, thus providing another layer of authentication

and can limit the available commands in the console. Restricting access to

port 2050/tcp on the servers running Domino Server to only the authorized
hosts that need access to the Domino Servers can further mitigate this
vulnerability.
http://www.zerodayinitiative.com/advisories/ZDI-11-110/


Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2021 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.