CVE-2011-0913
Lotus Domino Server diiop getEnvironmentString Remote Code Execution Vulnerability
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
Desbordamiento de búfer basado en pila en ndiiop.exe en la aplicación DIIOP en el servidor de IBM Lotus Domino v8.5.3 y anteriores, permite a atacantes remotos ejecutar código de su elección mediante una petición getEnvironmentString de GIOP, relacionado con la caché de varible local.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability.
The flaw exists within the ndiiop.exe component which listens by default on a dynamic TCP port. When handling a GIOP getEnvironmentString request the process blindly copies user supplied argument into an stack buffer while checking the local variable cache. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
*Credits:
Intevydis, http://intevydis.com
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-02-07 CVE Published
- 2011-02-08 CVE Reserved
- 2024-08-06 CVE Updated
- 2024-10-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/43208 | Third Party Advisory | |
| http://zerodayinitiative.com/advisories/ZDI-11-053 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21461514 | 2011-02-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | <= 8.5.2.2 Search vendor "Ibm" for product "Lotus Domino" and version " <= 8.5.2.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 4.6.1 Search vendor "Ibm" for product "Lotus Domino" and version "4.6.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 4.6.3 Search vendor "Ibm" for product "Lotus Domino" and version "4.6.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 4.6.4 Search vendor "Ibm" for product "Lotus Domino" and version "4.6.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0 Search vendor "Ibm" for product "Lotus Domino" and version "5.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.1 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.2 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.3 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.4 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.4a Search vendor "Ibm" for product "Lotus Domino" and version "5.0.4a" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.5 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.6 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.6a Search vendor "Ibm" for product "Lotus Domino" and version "5.0.6a" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.7 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.7a Search vendor "Ibm" for product "Lotus Domino" and version "5.0.7a" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.8 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.8" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.8a Search vendor "Ibm" for product "Lotus Domino" and version "5.0.8a" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.9 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.9" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.9a Search vendor "Ibm" for product "Lotus Domino" and version "5.0.9a" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.10 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.10" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 5.0.11 Search vendor "Ibm" for product "Lotus Domino" and version "5.0.11" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0 Search vendor "Ibm" for product "Lotus Domino" and version "6.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.1.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.1.2 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.1.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.1.3 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.1.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.2 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.2.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.2.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.2.2 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.2.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.2_cf2 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.2_cf2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.3 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.4 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.0.5 Search vendor "Ibm" for product "Lotus Domino" and version "6.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5 Search vendor "Ibm" for product "Lotus Domino" and version "6.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.0 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.2 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.2.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.2.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.3 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.3.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.3.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.4 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.4.1 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.4.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.4.2 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.4.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.4.3 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.4.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.5 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 6.5.6 Search vendor "Ibm" for product "Lotus Domino" and version "6.5.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0 Search vendor "Ibm" for product "Lotus Domino" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.1 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.1.1 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.2 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.2.1 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.2.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.2.2 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.2.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.2.3 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.2.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.3 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.3.1 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.3.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.4 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.4.1 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.4.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 7.0.4.2 Search vendor "Ibm" for product "Lotus Domino" and version "7.0.4.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.1 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.1 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.2 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.3 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.4 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.5 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.0.2.6 Search vendor "Ibm" for product "Lotus Domino" and version "8.0.2.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1.1 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1.2 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1.3 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1.4 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.1.5 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.1.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.2 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Search vendor "Ibm" for product "Lotus Domino" | 8.5.2.1 Search vendor "Ibm" for product "Lotus Domino" and version "8.5.2.1" | - |
Affected
| ||||||