CVE-2011-0920
IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
- Public Exploits: 1
- Exploited in Wild: -
- SSVC Decision: -
Descriptions
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Lotus Domino Server Controller. Authentication is not required to exploit this vulnerability.
The flaw exists within the remote console functionality, which listens by default on TCP port 2050. When handling user authentication, the server reads the stored credentials from a COOKIEFILE whose path is supplied by the client, then compares those stored credentials against the username and cookie sent by that same client. Because the COOKIEFILE path may be a UNC path, an attacker can point the server at a share they control and thereby dictate both the "known good" credentials and the challenge credentials, so the comparison trivially succeeds. A remote attacker can exploit this to execute arbitrary code in the context of the SYSTEM user.
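As an added illustration (not code from IBM, ZDI or the exploit-db entry), the following Python models the trust mistake described above: the server reads the "known good" credentials from a COOKIEFILE path the client supplies, then compares them with the client's own username and cookie, so a client that points the path at a file it controls authenticates with any pair it likes. The hardened variant reads the cookie file only from server configuration, refuses a UNC location and compares in constant time. The `user:cookie` file layout, the function names and the sample files are assumptions; the real Server Controller wire protocol is not reproduced.

```python
"""Model of the CVE-2011-0920 trust flaw: the server lets the client choose
where the 'known good' credentials are read from.

Added illustration only. The 'user:cookie' file layout, the function names
and the sample files are assumptions; the real Domino Server Controller
protocol and COOKIEFILE format are not reproduced.
"""
import hmac
import os
import tempfile


def load_stored_credentials(path):
    """Read one 'user:cookie' line from a cookie file (assumed format)."""
    with open(path, "r", encoding="utf-8") as fh:
        user, _, cookie = fh.read().strip().partition(":")
    return user, cookie


def is_unc_path(path):
    """True for Windows UNC paths such as \\\\host\\share\\file (either slash style)."""
    normalised = path.replace("/", "\\")
    return normalised.startswith("\\\\")


def authenticate_vulnerable(username, cookie, cookiefile_path):
    """Mirrors the flawed logic: the stored credentials are read from a path
    the client chose. With a UNC path to an attacker share, the attacker
    controls both sides of the comparison, so any pair they wrote is accepted."""
    stored_user, stored_cookie = load_stored_credentials(cookiefile_path)
    return stored_user == username and stored_cookie == cookie


def authenticate_hardened(username, cookie, trusted_cookiefile):
    """Fix: the cookie file location is server configuration, never a request
    parameter, and a remote (UNC) location is refused outright. Both fields
    are compared in constant time and combined with & to avoid short-circuit
    timing differences."""
    if is_unc_path(trusted_cookiefile):
        raise ValueError("cookie file must live on local storage")
    stored_user, stored_cookie = load_stored_credentials(trusted_cookiefile)
    return hmac.compare_digest(stored_user.encode(), username.encode()) & \
        hmac.compare_digest(stored_cookie.encode(), cookie.encode())


def demo():
    """Constructed scenario: one file stands in for the server's own cookie
    file, another for a file on an attacker-controlled share."""
    with tempfile.TemporaryDirectory() as tmp:
        server_file = os.path.join(tmp, "local_cookie.txt")
        attacker_file = os.path.join(tmp, "attacker_share_cookie.txt")
        with open(server_file, "w", encoding="utf-8") as fh:
            fh.write("admin:s3cret-cookie\n")
        with open(attacker_file, "w", encoding="utf-8") as fh:
            # The attacker writes whatever pair they intend to send.
            fh.write("attacker:anything\n")

        results = {
            # Client-chosen COOKIEFILE on the attacker share: accepted without a valid cookie.
            "vulnerable_attacker_path": authenticate_vulnerable("attacker", "anything", attacker_file),
            # Same request checked against the server's real file: rejected.
            "vulnerable_server_path": authenticate_vulnerable("attacker", "anything", server_file),
            # Hardened server ignores the client path; the attacker's pair is rejected.
            "hardened_attacker_creds": authenticate_hardened("attacker", "anything", server_file),
            # Hardened server still accepts the genuine credentials.
            "hardened_real_creds": authenticate_hardened("admin", "s3cret-cookie", server_file),
        }
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The point of the model is where the "known good" side of the comparison comes from: once the client can name that location, the check compares attacker data with attacker data. Removing the client-supplied path (rather than merely filtering UNC prefixes, which invites bypasses via alternative syntaxes) is the fix that matches IBM's guidance that this configuration is unsupported.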
CVSS Scores
SSVC
- Decision: -
Timeline
- 2011-02-08 CVE Reserved
- 2011-02-08 CVE Published
- 2011-11-30 First Exploit
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- (no date recorded) Exploited in Wild
- (no date recorded) KEV Due Date
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
URL | Date | Tag
---|---|---
https://www.exploit-db.com/exploits/18179 | 2011-11-30 | Exploit
http://www-01.ibm.com/support/docview.wss?uid=swg21461514 | 2011-02-14 | Vendor Advisory
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
IBM | Lotus Domino | * | - | Affected