IBM Lotus Notes/Domino NRPC format string attack
| lotus-nrpc-format-string (20043) |  Medium Risk |
Description:
IBM Lotus Notes and Lotus Domino are vulnerable to a format string attack in the Notes authentication when using the Notes Protocol (NRPC). By sending a specially-crafted string containing format specifiers, a remote attacker could cause the server to crash.
Consequences:
Denial of Service
Remedy:
Upgrade to the latest version of Lotus Notes/Domino (6.0.5 or 6.5.4 or later), available from the IBM Support Services Web page. See References.
References:
- IBM Support Services Web page: Upgrade Central: Planning Your Upgrade to Lotus Notes/Domino 6.0.5/6.5.4.
- IBM Technote (FAQ): Potential Denial of Service Vulnerability During Notes Authentication.
- BID-13446: IBM Lotus Domino Server Notes Remote Procedure Call Remote Format String Vulnerability
- CVE-2005-1441: Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC).
- SA14879: Lotus Notes/Domino Multiple Vulnerabilities
- SECTRACK ID: 1013842: Lotus Domino Format String Flaw in Processing NRPC Protocol Lets Remote Users Deny Service
Platforms Affected:
- IBM Lotus Domino 6.0
- IBM Lotus Domino 6.0.1
- IBM Lotus Domino 6.0.2
- IBM Lotus Domino 6.0.2 CF2
- IBM Lotus Domino 6.0.3
- IBM Lotus Domino 6.5.0
- IBM Lotus Domino 6.5.1
- IBM Lotus Domino 6.5.2
- IBM Lotus Domino 6.5.3
Reported:
Apr 08, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net