Stack buffer overflow vulnerability in Lotus Domino iCalendar functionality

Technote (troubleshooting)

Problem

MWR InfoSecurity and TippingPoint's Zero Day Initiative (ZDI) contacted IBM Lotus to report a potential buffer overflow vulnerability with the Lotus Domino iCalendar functionality.

It is possible to cause a buffer overflow situation based on the iCalendar content included in a calendar invitation.

To exploit this vulnerability, an attacker would have to send an iCalendar invitation with specific parameters. The vulnerability is exposed when the Domino server goes to process that content which could result in remote execution of code.

(Original publish date September 14, 2010. See "Change History" below.)

Resolving the problem

For related information, see the following advisories:

MWR InfoSecurity: http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow
TippingPoint's ZDI: http://zerodayinitiative.com/advisories

Recommended Fix

This issue was reported to Quality Engineering as SPR# NRBY7ZPJ9V. To address the issue, customers are encouraged to upgrade to the following releases:

8.5.2 (release notice)
8.5.1 Fix Pack 2 (release notice)
8.0.2 Fix Pack 5 (release notice)

Workarounds

There are no known workarounds.

Security Rating using Common Vulnerability Scoring System (CVSS) v2
CVSS Base Score: < 9.3 > ---- Impact Subscore: < 10 > ---- Exploitability Subscore: < 8.6 > CVSS Temporal Score: < 7.3 > CVSS Environmental Score: *< Undefined > Overall CVSS Score: < 7.3 >**
Base Score Metrics: Related exploit range/Attack Vector: < Network > Access Complexity: < Medium > Authentication < None > Confidentiality Impact: < Complete > Integrity Impact: < Complete > Availability Impact: < Complete >
Temporal Score Metrics: Exploitability: < Proof of Concept Code > Remediation Level: < Official Fix > Report Confidence: < Confirmed >
References: CVSS v2 Complete Documentation CVSS v2 Online Calculator

*The CVSS Environment Score is customer environment-specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the referenced links.

Change History
10 October 2010	Updated product versions list.
14 September 2010	Initial publication.

*Cross reference information*
Segment	Product	Component	Platform	Version	Edition
Messaging Applications	IBM Notes	Calendaring and Scheduling

Rate this page:

(0 users)Average rating

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Document information

IBM Domino

Security

Software version:
6.5, 7.0, 8.0, 8.5, 8.5.1

Operating system(s):
AIX, AIX 64bit, Linux, Linux iSeries, Linux zSeries, Solaris, Windows, Windows 64bit, z/OS

Reference #:
1446515

Modified date:
2010-10-13

Stack buffer overflow vulnerability in Lotus Domino iCalendar functionality

Technote (troubleshooting)

Problem

Resolving the problem

Rate this page:

Copyright and trademark information

Rate this page:

Add comments

Document information

Translate my page

Content navigation

Footer links