Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2003-0178

Disclosure Date: April 02, 2003
CVE-2003-0178
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

Products

Weaknesses

References

Canonical
CVE-2003-0178 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0178)
BID-6870 (http://www.securityfocus.com/bid/6870)
BID-6871 (http://www.securityfocus.com/bid/6871)
Advisory
20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) (http://marc.info?l=bugtraq&m=104550063431463&w=2)
VU#772817 (http://www.kb.cert.org/vuls/id/772817)
20030217 Domino Advisories UPDATE (http://marc.info?l=bugtraq&m=104550335103136&w=2)
20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) (http://marc.info?l=bugtraq&m=104550063431461&w=2)
VU#542873 (http://www.kb.cert.org/vuls/id/542873)
CA-2003-11 (http://www.cert.org/advisories/CA-2003-11.html)
XF-lotus-domino-hostname-bo(11337) (https://exchange.xforce.ibmcloud.com/vulnerabilities/11337)
VU#206361 (http://www.kb.cert.org/vuls/id/206361)
XF-lotus-domino-inotes-bo(11336) (https://exchange.xforce.ibmcloud.com/vulnerabilities/11336)
Miscellaneous
20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) (http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html)
20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) (http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html)
20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) (http://marc.info?l=ntbugtraq&m=104558777531350&w=2)
20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) (http://marc.info?l=ntbugtraq&m=104558777331345&w=2)
20030217 Domino Advisories UPDATE (http://marc.info?l=ntbugtraq&m=104558778331387&w=2)
N-065 (http://www.ciac.org/ciac/bulletins/n-065.shtml)
20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) (http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html)
http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
http://www.nextgenss.com/advisories/lotus-inotesoflow.txt

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis