CVE-2003-0178
CVSS10.0
发布时间 :2003-04-02 00:00:00
修订时间 :2016-10-17 22:30:23
NMCOS    

[原文]Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.


[CNNVD]IBM Lotus Domino HTTP重定向远程缓冲区溢出漏洞(CNNVD-200304-055)

        
        Lotus Domino/Notes是一套得到广泛应用的群件系统,提供通讯、群体合作、对等协调等功能。
        Lotus Domino对HTTP重定向处理存在问题,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以Domino进程权限在系统上执行任意指令。
        当执行重定向操作的时候,Lotus Domino 6存在一个远程可利用缓冲区溢出问题。当构建302重定向应答时,服务器会提取客户端提供的"Host"头信息并把这个值传递给"Location"字段,通过请求部分文档或查看部分数据库信息,可迫使服务器执行重定向操作,通过提供超长的主机名字符串,就可以发生缓冲区溢出,精心构建提交字符串数据可能以Domino进程权限在系统上执行任意指令。默认这些数据库可以被匿名用户访问。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0178
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0178
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200304-055
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html
(UNKNOWN)  VULNWATCH  20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html
(UNKNOWN)  VULNWATCH  20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
(UNKNOWN)  VULNWATCH  20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)
http://marc.info/?l=bugtraq&m=104550063431461&w=2
(UNKNOWN)  BUGTRAQ  20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
http://marc.info/?l=bugtraq&m=104550063431463&w=2
(UNKNOWN)  BUGTRAQ  20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
http://marc.info/?l=bugtraq&m=104550335103136&w=2
(UNKNOWN)  BUGTRAQ  20030217 Domino Advisories UPDATE
http://marc.info/?l=ntbugtraq&m=104558777331345&w=2
(UNKNOWN)  NTBUGTRAQ  20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
http://marc.info/?l=ntbugtraq&m=104558777531350&w=2
(UNKNOWN)  NTBUGTRAQ  20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
(UNKNOWN)  NTBUGTRAQ  20030217 Domino Advisories UPDATE
http://www.cert.org/advisories/CA-2003-11.html
(UNKNOWN)  CERT  CA-2003-11
http://www.ciac.org/ciac/bulletins/n-065.shtml
(UNKNOWN)  CIAC  N-065
http://www.kb.cert.org/vuls/id/206361
(UNKNOWN)  CERT-VN  VU#206361
http://www.kb.cert.org/vuls/id/542873
(UNKNOWN)  CERT-VN  VU#542873
http://www.kb.cert.org/vuls/id/772817
(VENDOR_ADVISORY)  CERT-VN  VU#772817
http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
(UNKNOWN)  MISC  http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
http://www.nextgenss.com/advisories/lotus-inotesoflow.txt
(UNKNOWN)  MISC  http://www.nextgenss.com/advisories/lotus-inotesoflow.txt
http://www.securityfocus.com/bid/6870
(UNKNOWN)  BID  6870
http://www.securityfocus.com/bid/6871
(VENDOR_ADVISORY)  BID  6871
http://xforce.iss.net/xforce/xfdb/11336
(UNKNOWN)  XF  lotus-domino-inotes-bo(11336)
http://xforce.iss.net/xforce/xfdb/11337
(VENDOR_ADVISORY)  XF  lotus-domino-hostname-bo(11337)

- 漏洞信息

IBM Lotus Domino HTTP重定向远程缓冲区溢出漏洞
危急 边界条件错误
2003-04-02 00:00:00 2006-09-21 00:00:00
远程  
        
        Lotus Domino/Notes是一套得到广泛应用的群件系统,提供通讯、群体合作、对等协调等功能。
        Lotus Domino对HTTP重定向处理存在问题,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以Domino进程权限在系统上执行任意指令。
        当执行重定向操作的时候,Lotus Domino 6存在一个远程可利用缓冲区溢出问题。当构建302重定向应答时,服务器会提取客户端提供的"Host"头信息并把这个值传递给"Location"字段,通过请求部分文档或查看部分数据库信息,可迫使服务器执行重定向操作,通过提供超长的主机名字符串,就可以发生缓冲区溢出,精心构建提交字符串数据可能以Domino进程权限在系统上执行任意指令。默认这些数据库可以被匿名用户访问。
        

- 公告与补丁

        厂商补丁:
        Lotus
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载补丁下载:
        Lotus Domino 6.0:
        IBM Upgrade Lotus Domino 6.0.1 Upgrade
        
        http://www14.software.ibm.com/webapp/download/search.jsp?q=&cat=&pf=&k=&dt=&go=y&rs=ESD-DMNTSRVRi&S_TACT=&S_CMP=&sb=r

- 漏洞信息

10823
IBM Lotus Domino iNotes Host: Header Redirect
Input Manipulation
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2003-02-17 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 6.0.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

IBM Lotus Domino Web Server iNotes s_ViewName/Foldername Buffer Overflow Vulnerability
Boundary Condition Error 6871
Yes No
2003-02-17 12:00:00 2009-07-11 08:06:00
Discovery is credited to Mark Litchfield <mark@ngssoftware.com>.

- 受影响的程序版本

Lotus Domino 6.0
Lotus Domino 6.0.1

- 不受影响的程序版本

Lotus Domino 6.0.1

- 漏洞讨论

Lotus Domino iNotes Web Server is vulnerable to a buffer overflow condition related to handling of client-supplied request parameters. Exploitation of this condition could allow for execution of code on affected servers. This vulnerability is reportedly eliminated in Domino Server 6.0.1.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Administrators are advised to upgrade to Domino 6.0.1. The upgrades for various platforms are available at the following location:


Lotus Domino 6.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站