The host is running IBM Lotus Domino Server and is prone to remote buffer overflow vulnerabilities.

Successful exploitation may allow remote attackers to execute arbitrary code in the context of the Lotus Domino server process. Impact Level: Application/System

Upgrade to IBM Lotus Domino version 8.5.3 or later For updates refer to http://www-01.ibm.com/software/lotus/products/domino/

The multiple flaws are due to, - Error in 'ndiiop.exe' in the DIIOP implementation, which allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request. - Integer signedness error in 'ndiiop.exe' in the DIIOP implementation, which allows remote attackers to execute arbitrary code via a GIOP client request. - Error in 'nrouter.exe', which allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar meeting request.

IBM Lotus Domino versions prior to 8.5.3

• http://secunia.com/advisories/43208
• http://www-01.ibm.com/support/docview.wss?uid=swg21461514
• http://zerodayinitiative.com/advisories/ZDI-11-052/
• http://zerodayinitiative.com/advisories/ZDI-11-053/

---

Updated on 2015-03-25