Security Bulletin: IBM Notes Multi User Profile Cleanup service enables an attacker to execute arbitrary code on the next logon of a user (CVE-2013-0536)

Flash (Alert)


Abstract

An attacker on a multi-user system can target other users and execute code with the rights of the targeted user.

Content

VULNERABILITY DETAILS:
CVE ID: CVE-2013-0536

DESCRIPTION:
IBM Notes Multi User Profile Cleanup service enables an attacker to execute arbitrary code on the next logon of a user.

CVSS:
CVSS Base Score: 6.9
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/82658 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)

AFFECTED PLATFORMS:
IBM Notes 9.0, 8.5.x, 8.0.x.

REMEDIATION:

Fix:
This issue is being tracked as SPR# PJOK959J24. The fix is included in Interim Fix 2 for Notes 9.0 (technote 1640580) and Interim Fix 2 for Notes 8.5.3 Fix Pack 4 (technote 1639571). The fix will also be included in Notes 8.5.3 Fix Pack 5 (refer to the Notes/Domino Fix List to monitor Fix Pack availability status).

Workaround:
Disable the ntmulti.exe service on the client workstation. Disabling this service will adversely affect only roaming users who are set up for roaming user clean-up. The roaming user clean-up may not be complete after disabling the service.
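
One way to apply the workaround above from PowerShell, as an added example that is not IBM's own procedure or code. The bulletin names only the executable, not the registered service name, so the example assumes the service can be identified by an image path ending in ntmulti.exe; the function name Disable-NotesMultiUserCleanup is hypothetical.

```powershell
# Added example: locate and disable the service backed by ntmulti.exe.
# The registered service name is not given in the bulletin, so it is
# resolved from the service image path instead of being hard-coded.
function Disable-NotesMultiUserCleanup {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Executable named in the bulletin's workaround.
        [string]$ImageName = 'ntmulti.exe'
    )

    # Win32_Service.PathName is a command line: it may be quoted and may
    # carry arguments, so match the file name on path/quote boundaries.
    $pattern = '(^|[\\"\s])' + [regex]::Escape($ImageName) + '(["\s]|$)'
    $services = @(Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.PathName -match $pattern })

    if ($services.Count -eq 0) {
        Write-Verbose "No service with image $ImageName on $env:COMPUTERNAME."
        return
    }

    foreach ($svc in $services) {
        if ($PSCmdlet.ShouldProcess($svc.Name, 'Stop and disable service')) {
            if ($svc.State -ne 'Stopped') {
                Stop-Service -Name $svc.Name -Force -ErrorAction Stop
            }
            # Disabled start type keeps the service from starting at boot.
            Set-Service -Name $svc.Name -StartupType Disabled -ErrorAction Stop
        }
        # Re-read the service so the output shows the current configuration.
        Get-CimInstance -ClassName Win32_Service -Filter "Name='$($svc.Name)'" |
            Select-Object Name, PathName, State, StartMode
    }
}

# Dry run first; remove -WhatIf in an elevated session to apply the change.
Disable-NotesMultiUserCleanup -WhatIf -Verbose
```

The returned State and StartMode values give a per-workstation record that the workaround is in place until the Interim Fix or Fix Pack is installed.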

Mitigation:
None



REFERENCES:
Complete CVSS Guide
On-line Calculator V2
CVE-2013-0536
http://xforce.iss.net/xforce/xfdb/82658


RELATED INFORMATION:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog


ACKNOWLEDGEMENT
This vulnerability was reported to IBM by Markus Pieton of it.sec GmbH & Co. KG.

Related information

Interim Fix 2 for IBM Notes 9.0
Interim Fix 2 for IBM Notes 8.5.3 Fix Pack 4

Cross reference information
Segment: Messaging Applications
Product: IBM Domino
Component: (not specified)
Platform: Windows
Version: 9.0, 8.5.3, 8.5.2, 8.5.1, 8.5, 8.0.2, 8.0.1, 8.0
Edition: (not specified)


Document information


More support for: IBM Notes, Roaming User
Software version: 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, 9.0
Operating system(s): Windows
Reference #: 1633827
Modified date: 2013-06-12
