Notes/Domino Fix List
 |  |
| SPR # KEMG6SRKEM | Fixed in 6.5.6; 7.0.2; 6.5.5 FP2 release | Security fix |
Product Area: Server Technical Area: Server Platform: Unix
SPR# KEMG6SRKEM - Fixed a potential security issue on Linux operating systems. See technote #1249173 for details.
Technote Number: 1249173
Problem:
This issue was reported to Quality Engineering as SPR# KEMG6SRKEM and has been
fixed in Domino 6.5.5 Fix Pack 2 (FP2) and Domino 7.0.2.
To work around this issue in previous affected releases, the tunekrnl binary
file can be renamed or deleted or the set-user-id bit can be removed. This
will prevent exploitation of the vulnerability, but it will also cause the loss
of some tuneable setting changes which affect the performance of Domino.
Additional Information:
Attack vector: Local system
Impact: Privilege escalation
Mitigating factors:
File can be removed as a workaround
Requires local system access to exploit More >
Last Modified on 08/06/2011
Go back
|