In association with heise online

08 June 2007, 10:12

Fix Pack eliminates vulnerabilities in IBM’s Lotus Domino

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

IBM has released Fix Pack 2 for Lotus Domino 7.0.2 to eliminate a bug which allows database managers to exploit a vulnerability in agent signature verification to gain administrative privileges on the server. According to IBM’s security advisory on this issue, an attacker must, however, fulfil certain additional conditions to exploit this vulnerability successfully.

Fix Pack 2 eliminates this bug, and the forthcoming Lotus Domino 7.0.3 version will no longer contain this vulnerability.

Fix Pack 2 also removes a DoS vulnerability in Lotus Domino 7.0.2: Accessing certain URLs can cause a Lotus® Domino® Web Server to crash. Lotus Domino 6.5.6. is also affected by this vulnerability, for which a fix is provided with Fix Pack 3.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit