IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
BID:24322
Info
IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
| Bugtraq ID: | 24322 |
| Class: | Design Error |
| CVE: |
CVE-2007-0068 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 04 2007 12:00AM |
| Updated: | Jun 05 2007 08:00PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
IBM Lotus Domino 7.0.2 FP1 IBM Lotus Domino 7.0.2 IBM Lotus Domino 7.0.1 IBM Lotus Domino 7.0 |
| Not Vulnerable: |
IBM Lotus Domino 7.0.2 FP2 |
Discussion
IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
IBM Lotus Domino Server is prone to a privilege-escalation vulnerability because of a design error.
An attacker can exploit this issue to gain administrative access to the database server.
Versions prior to IBM Lotus Domino 7.0.2 Fix Pack 2 (FP2) are vulnerable.
IBM Lotus Domino Server is prone to a privilege-escalation vulnerability because of a design error.
An attacker can exploit this issue to gain administrative access to the database server.
Versions prior to IBM Lotus Domino 7.0.2 Fix Pack 2 (FP2) are vulnerable.
Exploit / POC
IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
Solution:
The vendor has released version 7.0.2 Fix Pack 2 to address this issue. Please contact the vendor to obtain fixes.
Solution:
The vendor has released version 7.0.2 Fix Pack 2 to address this issue. Please contact the vendor to obtain fixes.
References
IBM Lotus Domino Agent Signature Verification Local Privilege Escalation Vulnerability
References:
References: