IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
BID:20960
Info
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
| Bugtraq ID: | 20960 |
| Class: | Design Error |
| CVE: |
CVE-2006-5835 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2006 12:00AM |
| Updated: | Apr 03 2008 11:49PM |
| Credit: | FortConsults Security Research Team is credited with the discovery of this vulnerability |
| Vulnerable: |
IBM Lotus Notes 7.0.1 IBM Lotus Notes 6.5.5 IBM Lotus Notes 6.5.4 IBM Lotus Notes 6.5.3 IBM Lotus Notes 6.5.2 IBM Lotus Notes 6.5.1 IBM Lotus Notes 6.5 IBM Lotus Notes 6.0.5 IBM Lotus Notes 6.0.4 IBM Lotus Notes 6.0.3 IBM Lotus Notes 6.0.2 IBM Lotus Notes 6.0.1 IBM Lotus Notes 6.0 IBM Lotus Notes 5.0.12 IBM Lotus Notes 5.0.3 IBM Lotus Notes 7.0 |
| Not Vulnerable: |
IBM Lotus Notes 7.0.2 IBM Lotus Notes 6.5.5 FP2 |
Discussion
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
IBM Lotus Notes is prone to a local information-disclosure vulnerability because it fails to protect sensitive information from unprivileged users.
A local attacker may exploit this issue to obtain encryption key data from an unencrypted file that is used by the application. The attacker may then use this information to retrieve further information or to launch other attacks.
Versions prior to IBM Lotus Notes 6.5.5 FP2 and 7.0.2 are vulnerable; other versions may also be affected.
IBM Lotus Notes is prone to a local information-disclosure vulnerability because it fails to protect sensitive information from unprivileged users.
A local attacker may exploit this issue to obtain encryption key data from an unencrypted file that is used by the application. The attacker may then use this information to retrieve further information or to launch other attacks.
Versions prior to IBM Lotus Notes 6.5.5 FP2 and 7.0.2 are vulnerable; other versions may also be affected.
Exploit / POC
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
DSquare Security has developed a working commercial exploit for its D2 Exploitation Pack product. This exploit is not otherwise publicly available or known to be circulating in the wild.
DSquare Security has developed a working commercial exploit for its D2 Exploitation Pack product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
Solution:
The vendor has released fixes to address this issue; please contact the vendor for details on obtaining these fixes.
Solution:
The vendor has released fixes to address this issue; please contact the vendor for details on obtaining these fixes.
References
IBM Lotus Notes User.ID File Key Information Disclosure Vulnerability
References:
References:
- IBM Lotus Notes Homepage (IBM)
- Lotus Notes Port 1352 Pre-login Information Leakage Advisory (FortConsults Security Research Team)