IBM Provides Patches for its Domino & Notes Vulnerabilities
IBM Corp has developed four patches for flaws in its Domino and Notes e-mail program to fix security loopholes whose exploitation could allow unauthorized access to information or cause system infection by inserting malware.
A number of flaws were detected in IBM's Lotus Domino, which attackers could exploit to reveal sensitive information, penetrate security programs, cause a condition of 'Denial of Service', or gain full control of a vulnerable system.
The first person to report the vulnerability in Lotus Notes of IBM was, Tan Chew Keong of Secunia. The vulnerability is capable of malicious exploitation to access and take control of a user's computer. It arises from an error in the WordPerfect file of a third party. If exploited, it could cause a buffer overflow by luring an Internet surfer into opening a malware infected WordPerfect document. A proper exploitation could even allow arbitrary code execution. This was published in news on October 23, 2007.
Security researcher Ollie Whitehouse at Symantec said that by using the Lotus Notes client in a Citrix environment or Terminal Services of Microsoft, users could access each other's data during a Lotus Notes session. This could also include e-mail access. eNews2.0 published this on October 25, 2007.
Ollie further said that this flaw could even be exploited to write to files mapped to memory so that an attacker could potentially insert active Lotus Script.
Secunia ApS, the bug tracking company in Denmark, has collectively rated the vulnerabilities as "moderately critical". These involve LotusScript: the command console of the Domino server, IMAP service of Notes, its scripting program, and how Domino and Notes map with Windows memory when both are applied to an environment for sharing such as in Citrix.
Another bug was reported which could cause the client to crash when collecting maliciously crafted responses from SMTP servers.
VeriSign Inc.-owned security intelligence company iDefense Labs has ranked the Internet Message Access Protocol (IMAP) flaw for a higher place on the threat chart compared to IBM Corp's own ranking of it.
IMB Corp has released patches for its versions 7.0.3 and 8.0 of its widely used applications, which can also be downloaded from the Lotus Upgrade Central Website.
Related article: IBM Mainframes’ Vulnerability to Attacks
» SPAMfighter News - 20-11-2007