CVE-2008-2499
IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
Desbordamiento de búfer basado en pila en el Community Services Multiplexer (también conocido como MUX o StMux.exe) de IBM Lotus Sametime 7.5.1 CF1 y anteriores, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código de su elección mediante una URL manipulada.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Sametime. Authentication is not required to exploit this vulnerability.
The specific flaw exists in the handling of long URLs in the Community Services Multiplexer (StMux.exe) listening on TCP port 1533. A specially crafted URL can be passed into a vulnerable sscanf() function that will result in a stack overflow resulting in the ability to execute arbitrary code.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-05-21 CVE Published
- 2008-05-21 First Exploit
- 2008-05-29 CVE Reserved
- 2024-07-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/30309 | Third Party Advisory | |
| http://www.securitytracker.com/id?1020093 | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2008/1595/references | Third Party Advisory | |
| http://www.zerodayinitiative.com/advisories/ZDI-08-028 | Third Party Advisory |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42575 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/31820 | 2008-05-21 | |
| https://www.exploit-db.com/exploits/16696 | 2010-05-09 | |
| http://www.securityfocus.com/bid/29328 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21303920 | 2018-10-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | <= 7.5 Search vendor "Ibm" for product "Lotus Sametime" and version " <= 7.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | >= 8.0 < 8.0.1 Search vendor "Ibm" for product "Lotus Sametime" and version " >= 8.0 < 8.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5.1 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5.1" | cf1 |
Affected
| ||||||