header-logo
Suggest Exploit
vendor:
Lotus Domino
by:
Dominic Chell & prdelka
7.5
CVSS
HIGH
Remote Exploit
Unknown
CWE
Product Name: Lotus Domino
Affected Version From: 6.5.2004
Affected Version To: 7.0.2 && 6.5.5 FP2
Patch Exists: NO
Related CWE: Unknown
CPE: cpe: /a:ibm:lotus_domino
Metasploit:
Other Scripts:
Platforms Tested: Windows 2000 Advanced Server x86
Unknown

Lotus Domino IMAP4 Server Release 6.5.4 / Windows 2000 Advanced Server x86 Remote Exploit

The exploit takes advantage of a vulnerability in IBM Lotus Domino versions 7.0.2 and 6.5.5 FP2. It allows an attacker to execute arbitrary code on the server by manipulating the ECX register and using a buffer overflow.

Mitigation:

Upgrade to a non-vulnerable version of IBM Lotus Domino.
Source

Exploit-DB raw data: