{"vuid":"VU#206361","idnumber":"206361","name":"Lotus iNotes vulnerable to buffer overflow via PresetFields FolderName field","keywords":["Lotus Domino Web Server","buffer overflow","crafted URL","presetfields","inotes","folder name","KSPR5HUQ59"],"overview":"Lotus iNotes contains a buffer overflow that could permit a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable server.","clean_desc":"Lotus iNotes Web Access is a database application that provides \"access to corporate messaging services and personal information through a Web browser.\"  NGSSoftware has researched and reported a buffer overflow vulnerability in iNotes that can be triggered via a specially crafted FolderName value of the PresetFields parameter. For further information, see NGSSoftware Insight Security Research Advisory #NISR17022003b. Lotus is tracking this issue as SPR# KSPR5HUQ59. Further information is available in IBM Technote 1104527.","impact":"A remote attacker could execute arbitrary code with the privileges of the Domino server process or cause a denial of service.","resolution":"Upgrade\nThis issue is resolved in Notes/Domino 6.0.1 and 5.0.12.","workarounds":"Disable Vulnerable Service Until upgrades can be performed, consider disabling iNotes.","sysaffected":"","thanks":"This vulnerability was reported by Mark Litchfield of \nNGSSoftware","author":"This document was written by Art Manion.","public":["http://www.lotus.com/products/inotes.nsf","http://www.lotus.com/products/inotes.nsf/allpublic/53380DDF183DC9A38525697C006E652E?opendocument","http://www.nextgenss.com/advisories/lotus-inotesoflow.txt","http://www-1.ibm.com/support/docview.wss?uid=swg21104527","http://www-1.ibm.com/support/docview.wss?uid=swg27003694","http://www-10.lotus.com/ldd/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/fcd56eb247bf688085256cca0070f90c?OpenDocument"],"cveids":[""],"certadvisory":"CA-2003-11","uscerttechnicalalert":null,"datecreated":"2003-01-17T20:49:01Z","publicdate":"2003-02-17T00:00:00Z","datefirstpublished":"2003-02-19T22:02:57Z","dateupdated":"2003-03-26T17:22:09Z","revision":26,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"7","cam_population":"12","cam_impact":"17","cam_easeofexploitation":"11","cam_attackeraccessrequired":"20","cam_scorecurrent":"18.513","cam_scorecurrentwidelyknown":"22.7205","cam_scorecurrentwidelyknownexploited":"39.5505","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":18.513,"vulnote":null}