Signature Detail

APP: IBM Lotus Domino Remote Console Authentication Bypass

This signature detects attempts to exploit a known vulnerability against IBM Lotus Domino. Attackers could bypass security restrictions to gain unauthorized access to user accounts and execute arbitrary code.

Extended Description

IBM Lotus Domino is prone to a remote authentication-bypass vulnerability. Successfully exploiting this issue will allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

• IBM Lotus Domino 4.6.1
• IBM Lotus Domino 4.6.3
• IBM Lotus Domino 4.6.4
• IBM Lotus Domino 5.0
• IBM Lotus Domino 5.0.1
• IBM Lotus Domino 5.0.10
• IBM Lotus Domino 5.0.11
• IBM Lotus Domino 5.0.13
• IBM Lotus Domino 5.0.2
• IBM Lotus Domino 5.0.3
• IBM Lotus Domino 5.0.4
• IBM Lotus Domino 5.0.4A
• IBM Lotus Domino 5.0.5
• IBM Lotus Domino 5.0.6
• IBM Lotus Domino 5.0.6A
• IBM Lotus Domino 5.0.7
• IBM Lotus Domino 5.0.7A
• IBM Lotus Domino 5.0.8
• IBM Lotus Domino 5.0.8A
• IBM Lotus Domino 5.0.9
• IBM Lotus Domino 5.0.9A
• IBM Lotus Domino 6.0.0
• IBM Lotus Domino 6.0.1
• IBM Lotus Domino 6.0.1.1
• IBM Lotus Domino 6.0.1.2
• IBM Lotus Domino 6.0.1.3
• IBM Lotus Domino 6.0.2
• IBM Lotus Domino 6.0.2.1
• IBM Lotus Domino 6.0.2.2
• IBM Lotus Domino 6.0.2 CF2
• IBM Lotus Domino 6.0.3
• IBM Lotus Domino 6.0.4
• IBM Lotus Domino 6.0.5
• IBM Lotus Domino 6.5
• IBM Lotus Domino 6.5.0
• IBM Lotus Domino 6.5.0 .0
• IBM Lotus Domino 6.5.1
• IBM Lotus Domino 6.5.2
• IBM Lotus Domino 6.5.2.1
• IBM Lotus Domino 6.5.2 FP 1
• IBM Lotus Domino 6.5.3
• IBM Lotus Domino 6.5.3.1
• IBM Lotus Domino 6.5.4
• IBM Lotus Domino 6.5.4.3
• IBM Lotus Domino 6.5.4 FP 1
• IBM Lotus Domino 6.5.4 FP 2
• IBM Lotus Domino 6.5.5
• IBM Lotus Domino 6.5.5 FP1
• IBM Lotus Domino 6.5.5 FP2
• IBM Lotus Domino 6.5.5 FP3
• IBM Lotus Domino 6.5.6
• IBM Lotus Domino 7.0.0
• IBM Lotus Domino 7.0.1
• IBM Lotus Domino 7.0.2
• IBM Lotus Domino 7.0.2 FP1
• IBM Lotus Domino 7.0.2 FP2
• IBM Lotus Domino 7.0.2 FP3
• IBM Lotus Domino 7.0.3
• IBM Lotus Domino 7.0.3 Fix Pack 1 (FP1)
• IBM Lotus Domino 7.0.4
• IBM Lotus Domino 8.0
• IBM Lotus Domino 8.0.1
• IBM Lotus Domino 8.0.2
• IBM Lotus Domino 8.0.2.1
• IBM Lotus Domino 8.0.2.2
• IBM Lotus Domino 8.0.2.3
• IBM Lotus Domino 8.0.2.4
• IBM Lotus Domino 8.0.2 Fix Pack 5
• IBM Lotus Domino 8.5
• IBM Lotus Domino 8.5.0
• IBM Lotus Domino 8.5.0.1
• IBM Lotus Domino 8.5.1
• IBM Lotus Domino 8.5.1.1
• IBM Lotus Domino 8.5.1 Fix Pack 2
• IBM Lotus Domino 8.5.2
• IBM Lotus Domino 8.5.2 FP3
• IBM Lotus Domino 8.5.3
• IBM Lotus Domino 8.5 FP1
• IBM Lotus Domino

References

• BugTraq: 46985
• CVE: CVE-2011-1519
• URL: http://www-142.ibm.com/software/sw-lotus/products/product4.nsf/wdocs/dominohomepage