Lotus Software Information for VU#772817
Lotus Domino Web Server vulnerable to buffer overflow via non-existent "h_SetReturnURL" parameter with an overly long "Host Header" field
- Vendor Information Help Date Notified: 15 Jan 2003
- Statement Date:
- Date Updated: 17 Mar 2003
Status
Affected
Vendor Statement
Lotus Domino Web Server Host/Location Buffer Overflow
NISR17022003a
http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
KSPR5HTLW6
Status 5.x: Not vulnerable
Status 6.x: Fixed in 6.0.1, Workaround for 6.0
Document #: 1104529
http://www.ibm.com/support/docview.wss?rs=463&uid=swg21104529
VU#772817
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.