Lotus Domino HTTP Authentication Logging Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Lotus Domino HTTP Authentication Logging Buffer Overflow Vulnerability

Lotus Domino is prone to a remotely exploitable buffer-overflow condition. This issue occurs because of insufficient bounds-checking when HTTP Authentication data is logged to the 'DOMLOG.NSF' database. Remote attackers can corrupt sensitive regions of memory with attacker-supplied values, possibly allowing arbitrary code to run.