Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0178

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0178
Last Modified 05 Sep 2008 04:33:41
Published 02 Apr 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0178

Summary

Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.

Vulnerable Systems

Application

  • Ibm Lotus Domino Web Server 6.0


References

CERT-VN - VU#772817

CERT-VN - VU#542873

CERT-VN - VU#206361

CERT - CA-2003-11

BID - 6871

BUGTRAQ - 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)

XF - lotus-domino-hostname-bo(11337)

XF - lotus-domino-inotes-bo(11336)

BID - 6870

MISC - http://www.nextgenss.com/advisories/lotus-inotesoflow.txt

MISC - http://www.nextgenss.com/advisories/lotus-hostlocbo.txt

CIAC - N-065

NTBUGTRAQ - 20030217 Domino Advisories UPDATE

NTBUGTRAQ - 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)

VULNWATCH - 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)


Last Updated: 27 May 2016 10:37:48