Lotus Domino Mail Server 'Policy' Buffer Overflow Vulnerability

Bugtraq ID:	2283
Class:	Boundary Condition Error
CVE:
Remote:	No
Local:	Yes
Published:	Jan 23 2001 12:00AM
Updated:	Jan 23 2001 12:00AM
Credit:	Discovered and posted to Bugtraq by Security Research Team <[email protected]> on Jan 23, 2001.
Vulnerable:	Lotus Domino Mail Server 5.0.5
Not Vulnerable:	Lotus Domino Mail Server 5.0.6

Lotus Domino Mail Server 'Policy' Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported in Lotus Domino Mail Server. The server fails to properly validate user supplied input to the field which specifies permitted domain names in mail forwarding policy. With the policy feature enabled, specially crafted values input to this field will cause the buffer to overflow and allow the execution of arbitrary code.

Lotus Domino Mail Server 'Policy' Buffer Overflow Vulnerability

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Lotus Domino Mail Server 'Policy' Buffer Overflow Vulnerability

Solution:
Lotus has addressed this issue in Lotus Domino Mail Server 5.0.6:

http://www.notes.net/R5FixList.nsf/5c087391999d06e7852569280062619d/0b8b42b317c59e38852569e00078e62b?OpenDocument&Highlight=0,CMAS4NNLVG

Lotus Domino Mail Server 'Policy' Buffer Overflow Vulnerability

References:

• Domino R5 SMTP Server Buffer Overflows if Domain Restrictions are Enabled (Lotus)
  
• Lotus Domino R5 Mail Server (Lotus)