CVE-2003-0179
CVSS7.5
发布时间 :2003-04-02 00:00:00
修订时间 :2016-10-17 22:30:24
NMCOS    

[原文]Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.


[CNNVD]IBM Lotus iNotes ActiveX控件远程缓冲区溢出漏洞(CNNVD-200304-035)

        
        Lotus Domino/Notes是一套得到广泛应用的群件系统,提供通讯,群体合作,对等协调等功能。iNotes提供基于WEB的消息系统。这些服务包含客户端ActiveX控件。
        Lotus Domino iNotes安装的ActiveX控件对用户提供的请求参数缺少正确边界缓冲区检查,远程攻击者可以利用这个漏洞构建恶意WEB页,诱使用户点击,触发进行缓冲区溢出攻击,可能以用户进程权限在系统上执行任意指令。
        iNotes在客户端会安装称为Lotus Domino Session ActiveX的控件,不过由于对"InitializeUsingNotesUserName"方法处理不正确,攻击者构建恶意页面提供超长值给"InitializeUsingNotesUserName",诱使用户点击,可导致出发缓冲区溢出,精心构建提交的数据可能以用户进程权限在系统上执行任意指令。
        攻击者也可以利用HTML形式的EMAIL来触发此漏洞。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:ibm:lotus_notes_client:6.0IBM Lotus Notes Client 6.0
cpe:/a:ibm:lotus_domino_web_server:6.0IBM Lotus Domino Web Server 6.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0179
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0179
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200304-035
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
(UNKNOWN)  VULNWATCH  20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)
http://marc.info/?l=bugtraq&m=104550124032513&w=2
(UNKNOWN)  BUGTRAQ  20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)
http://marc.info/?l=bugtraq&m=104550335103136&w=2
(UNKNOWN)  BUGTRAQ  20030217 Domino Advisories UPDATE
http://marc.info/?l=ntbugtraq&m=104558778131373&w=2
(UNKNOWN)  NTBUGTRAQ  20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)
http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
(UNKNOWN)  NTBUGTRAQ  20030217 Domino Advisories UPDATE
http://www-1.ibm.com/support/docview.wss?uid=swg21104543
(UNKNOWN)  CONFIRM  http://www-1.ibm.com/support/docview.wss?uid=swg21104543
http://www.cert.org/advisories/CA-2003-11.html
(UNKNOWN)  CERT  CA-2003-11
http://www.ciac.org/ciac/bulletins/n-065.shtml
(UNKNOWN)  CIAC  N-065
http://www.kb.cert.org/vuls/id/571297
(VENDOR_ADVISORY)  CERT-VN  VU#571297
http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
(UNKNOWN)  MISC  http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
http://www.securityfocus.com/bid/6872
(VENDOR_ADVISORY)  BID  6872
http://xforce.iss.net/xforce/xfdb/11339
(UNKNOWN)  XF  lotus-notes-activex-bo(11339)

- 漏洞信息

IBM Lotus iNotes ActiveX控件远程缓冲区溢出漏洞
高危 边界条件错误
2003-04-02 00:00:00 2006-09-21 00:00:00
远程  
        
        Lotus Domino/Notes是一套得到广泛应用的群件系统,提供通讯,群体合作,对等协调等功能。iNotes提供基于WEB的消息系统。这些服务包含客户端ActiveX控件。
        Lotus Domino iNotes安装的ActiveX控件对用户提供的请求参数缺少正确边界缓冲区检查,远程攻击者可以利用这个漏洞构建恶意WEB页,诱使用户点击,触发进行缓冲区溢出攻击,可能以用户进程权限在系统上执行任意指令。
        iNotes在客户端会安装称为Lotus Domino Session ActiveX的控件,不过由于对"InitializeUsingNotesUserName"方法处理不正确,攻击者构建恶意页面提供超长值给"InitializeUsingNotesUserName",诱使用户点击,可导致出发缓冲区溢出,精心构建提交的数据可能以用户进程权限在系统上执行任意指令。
        攻击者也可以利用HTML形式的EMAIL来触发此漏洞。
        

- 公告与补丁

        厂商补丁:
        Lotus
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载升级到Domino 6.0.1版本:
        Lotus Notes Client 6.0:
        IBM Upgrade Lotus Notes Client 6.0.1 Upgrade
        
        http://www14.software.ibm.com/webapp/download/search.jsp?q=&cat=&pf=&k=&dt=&go=y&rs=ESD-NOTECLNTi&S_TACT=&S_CMP=&sb=r

- 漏洞信息

10825
IBM Lotus Domino COM Object Control Handler InitializeUsingNotesUserName Method Overflow
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-02-17 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

IBM Lotus Notes and Domino COM Object Control Handler Buffer Overflow Vulnerability
Boundary Condition Error 6872
Yes No
2003-02-17 12:00:00 2009-07-11 08:06:00
Discovered by Mark Litchfield of Next Generation Security Software.

- 受影响的程序版本

Lotus Notes Client 6.0
Lotus Domino 6.0
Lotus Notes Client 6.0.1
Lotus Domino 6.0.1

- 不受影响的程序版本

Lotus Notes Client 6.0.1
Lotus Domino 6.0.1

- 漏洞讨论

It has been reported that a buffer overflow affects the COM Object Control Handler that is installed on client systems to support IBM Lotus iNotes and on Domino Servers. This vulnerability may be exploited remotely through Microsoft Internet Explorer. Exploitation may result in compromise of affected client systems.

This vulnerability is reportedly eliminated in Notes 6.0.1.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Administrators are advised to upgrade to Notes and Domino 6.0.1. The upgrades are available at the following location:


Lotus Domino 6.0

Lotus Notes Client 6.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站