HCL
Skip to main content  
 
   


SPRTechnote


IBM Lotus Domino Buffer Overflow Vulnerability in LDAP Server Task

Technote Number: 1466846


Problem:
This issue was reported to Lotus Quality Engineering as SPR# KEMG6UFL2A, and
has been fixed in Domino 7.0.2 Fix Pack 1 (FP1), Domino 6.5.5 Fix Pack 3 (FP3)
and Domino 6.5.6.

Attack vector: Remote
Impact: Denial of Service

Assessing this vulnerability using the Common Vulnerability Scoring System
(CVSS):
CVSS Base Score: 5
CVSS Temporal Score: 3.9
CVSS Environmental Score: Undefined*
Overall CVSS Score: 3.9

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the referenced links
below.

Base Score Metrics:
Related exploit range/Attack Vector: Remote
Attack Complexity: Low
Level of Authentication Needed: Not Required
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Complete
Impact Value Weighting: Weight Availability

Temporal Score Metrics:
Availability of Exploit: Proof of concept code
Type of Fix available: Official fix
Level of verification that vulnerability exists: Confirmed

References:
Complete CVSS Guide:
http://www.first.org/cvss/cvss-guide.html

Online Calculator:
http://nvd.nist.gov/cvss.cfm?calculator
More >





  Document options
Print this document
Print view

  Search
Search Advanced Search


  Fix list views

 RSS feeds   RSS
Subscribe to the fix list

  Resources
Using this database
View notices

  HCL Support
HCL Support


    About HCL Privacy Contact