About Duffbert...

Duffbert's Random Musings is a blog where I talk about whatever happens to be running through my head at any given moment... I'm Thomas Duff, and you can find out more about me here...

Email Me!

Search This Site!

Custom Search

I'm published!

Co-author of the book IBM Lotus Sametime 8 Essentials: A User's Guide
SametimeBookCoverImage.jpg

Purchase on Amazon

Co-author of the book IBM Sametime 8.5.2 Administration Guide
SametimeAdminBookCoverImage.jpg

Purchase on Amazon

MiscLinks

BlogSphere RSS Feed RSS Feed

Downloads

LotusScript Progress Meter
Removing Icons In Workspace
MS Constants Notes database
My Writing/Speaking Credits
Privacy/Disclosure Statement

Visitor Count...



View My Stats

« Product Review - Western Digital My Passport Essential 500 GB USB 2.0 Portable External Hard Drive WDBAAA5000ABK-NESN (Midnight Black) | Main| IBM's Technote on the iCalendar vulnerability »

Full-disclosure - ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability

Category IBM/Lotus
Full-disclosure - ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability
by ZDI Disclosures on 2010-09-14T17:59:13+00:00

ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-10-177

September 14, 2010

http://www.tippingpoint.com

The specific flaw exists within the nrouter.exe service while processing
a malformed e-mail. The process copies the contents of the MAILTO header
within a calendar request into a fixed size stack buffer. By providing
enough data this buffer can overflow leading to arbitrary code execution
under the context of the SYSTEM user.

http://www-01.ibm.com/support/docview.wss?rsG5&uid=swg21446515

Posted by Thomas 'Duffbert' Duff On 09/15/2010 | | Bookmark and Share

Comments

Gravatar Image1 - based on what just happened to me yesterday, I would suggest it may not have quite been fixed in 852. But we are still digging into it.

Posted by Keith Brooks At 07:57:43 On 15/09/2010 | - Website - |


Gravatar Image2 - 2008-08-26 - Vulnerability reported to vendor
2010-09-14 - Coordinated public release of advisory

Ouch

Posted by Flemming Riis At 12:41:30 On 15/09/2010 | - Website - |


Post A Comment

:-D:-o:-p:-x:-(:-):-\:angry::cool::cry::emb::grin::huh::laugh::lips::rolleyes:;-)

Want to support this blog or just say thanks?

When you shop Amazon, start your shopping experience here.

When you do that, all your purchases during that session earn me an affiliate commission via the Amazon Affiliate program. You don't have to buy the book I linked you to (although I wouldn't complain!). Simply use that as your starting point.

Thanks!

Thomas "Duffbert" Duff

Ads of Relevance...

Monthly Archives