VULHUB ™

iDefense Security Advisory 11.08.06 - Local exploitation of multiple buffer overflow vulnerabilities in IBM's Lotus Domino could allow an attacker to elevate privileges to root. The 'tunekrnl' binary is used to set Linux/proc sysctl settings, allowing Domino to increase the resource limits of the running kernel. It is shipped with the owner set to root and the set-user-id bit on. Since the length of input is improperly validated when copying to fixed-size buffers, buffer overflow can occur.iDefense has confirmed the existence of this vulnerability in version 7.0.1.1 of IBM's Lotus Domino for Linux. Earlier versions may also be vulnerable.

iDefense Security Advisory 11.08.06 - Local exploitation of multiple buffer overflow vulnerabilities in IBM's Lotus Domino could allow an attacker to elevate privileges to root. The 'tunekrnl' binary is used to set Linux/proc sysctl settings, allowing Domino to increase the resource limits of the running kernel. It is shipped with the owner set to root and the set-user-id bit on. Since the length of input is improperly validated when copying to fixed-size buffers, buffer overflow can occur.iDefense has confirmed the existence of this vulnerability in version 7.0.1.1 of IBM's Lotus Domino for Linux. Earlier versions may also be vulnerable.