Lotus Domino HPRAgentName Stack Overflow

Added: 07/08/2011

Background

IBM Lotus Domino is a messaging and collaboration solution for multiple platforms.

Problem

The WebAdmin.nsf resource on the Domino web service contains a buffer overflow vulnerability.

Resolution

No patch is available at this time.

References

http://www-10.lotus.com/ldd/r5fixlist.nsf/Public/7BE022D035F58F8D8525786F007EC417?OpenDocument
http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211

Limitations

This exploit has been tested against IBM Lotus Domino 8.5 on Windows Server 2003 SP2 English (DEP AlwaysOff). This exploit requires valid credentials for an account that is able to access the /webadmin.nsf resource.

Platforms

Windows

Back to exploit index