The CERT Coordination Center on Wednesday issued an alert confirming several
buffer overflow vulnerabilities in Lotus Notes and Domino that could lead to
denial-of-service scenarios.
The CERT/CC advisory was issued primarily to clear up confusion surrounding
several security holes detected last month by research firms NGSS and
Rapid7.
Systems affected by the bugs include Lotus Notes and Domino versions
prior to 5.0.12 and 6.0 Gold. Download locations for vendor patches can be
found within the CERT advisory.
The Center confirmed buffer overflow vulnerabilities in Lotus iNotes and
Lotus Domino Web Server that leave unpatched systems open to DoS attacks.
One of those Lotus iNotes flaws, described as “critical” by NGSS, can be
exploited by an attacker to run code in the security context of the account
running the Domino Web Services.
The Center also issued a clarification for another vulnerability
originally reported in an iNotes ActiveX control. “The vulnerable code is
not specific to iNotes or ActiveX,” CERT/CC said, noting that the iNotes
ActiveX control was an attack vector for the vulnerability and is not the
affected code base.
“Because this issue is not specific to ActiveX, Lotus Notes clients and
Domino Servers running on platforms other than Microsoft Windows may be
affected,” it warned.
Security research firm Rapid7 also found several holes in Lotus Domino
prior to version 5.0.12. It said the Lotus Domino Server was susceptible to
a pre-authentication buffer overflow during Notes authentication. The Lotus
Domino Web Retriever also contained a buffer overflow vulnerability.
Rapid7 also warned that pre-release and beta versions of Lotus Domino 6.0
were affected by multiple vulnerabilities in LDAP handling code.
“The impact of these vulnerabilities range from denial of service to data
corruption and the potential to execute arbitrary code,” the Center
warned.
It noted that patches are available only for some of the vulnerabilities.
Until patches are made available for all, IT administrators are encouraged
to block access from outside the network perimeter or configure Lotus Notes
to help mitigate successful exploitation of the flaws.