CVSS: 10.0 EPSS: 9% CPEs: 1 EXPL: 0

Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H.

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SMTP service while processing a malformed e-mail. The process continually appends each argument within a filename parameter into a buffer in memory.

• http://secunia.com/advisories/43247
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://zerodayinitiative.com/advisories/ZDI-11-049
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 10.0 EPSS: 14% CPEs: 74 EXPL: 0

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the ndiiop.exe component, which listens by default on a dynamic TCP port. When handling a GIOP client Request packet type, the process can be made to mis-allocate a buffer size due to a signedness bug.

• http://secunia.com/advisories/43208
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://zerodayinitiative.com/advisories/ZDI-11-052
• CWE-189: Numeric Errors

CVSS: 10.0 EPSS: 83% CPEs: 1 EXPL: 0

Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ.

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the POP3 and IMAP services while processing malformed e-mails. The vulnerable code expands specific non-printable characters within a "mail from" command without allocating adequate space.

• http://secunia.com/advisories/43224
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://www.securityfocus.com/archive/1/516232/100/0/threaded
• http://zerodayinitiative.com/advisories/ZDI-11-045
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 10.0 EPSS: 9% CPEs: 1 EXPL: 0

Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE.

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable code copies data from the ATTACH:CID and Content-ID headers within an e-mail into a fixed-length stack buffer.

• http://secunia.com/advisories/43224
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://zerodayinitiative.com/advisories/ZDI-11-046
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 10.0 EPSS: 93% CPEs: 1 EXPL: 2

Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nLDAP.exe component, which listens by default on TCP port 389. When handling an LDAP Bind Request packet, the process blindly copies user-supplied data into an undersized shared memory buffer.

• https://www.exploit-db.com/exploits/16190
• http://secunia.com/advisories/43224
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://www.exploit-db.com/exploits/16190
• http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=23&Itemid=23
• http://zerodayinitiative.com/advisories/ZDI-11-047
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer