Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93115 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

IBM Lotus Notes advisories/updates

Started by AplusWebMaster , Oct 23 2007 09:33 AM

  • Please log in to reply
5 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 23 October 2007 - 09:33 AM

FYI...

- http://secunia.com/advisories/27279/
Release Date: 2007-10-23
Critical: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: IBM Lotus Notes 6.x, IBM Lotus Notes 7.x ...
Solution: Update to version 7.0.3 or 8.0.
NOTE: Version 8.0 does not fix the vulnerability in wp6sr.dll.
http://www-306.ibm.c...tral/index.html ...

http://www-1.ibm.com...uid=swg21271111
"...Fixed in Lotus Notes 7.0.3 / Proposed for 8.0.1..."

.

Edited by AplusWebMaster, 07 June 2008 - 03:57 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 November 2007 - 09:33 AM

FYI...

IBM Lotus Notes Lotus 1-2-3 vuln - patch available
- http://secunia.com/advisories/27835/
Release Date: 2007-11-27
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: IBM Lotus Notes 7.x, IBM Lotus Notes 8.x
...The vulnerability is reported in versions 7.0 and 8.0.
Solution: Lotes Notes 7.x/8.x: Contact IBM Support for patches.
Original Advisory: IBM:
http://www-1.ibm.com...uid=swg21285600

.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 20 February 2008 - 06:57 AM

FYI...

IBM Lotus Notes Java vuln - workaround available
- http://secunia.com/advisories/29035/
Release Date: 2008-02-20
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Workaround
Software: IBM Lotus Notes 6.x, IBM Lotus Notes 7.x
...The vulnerability is reported in versions 6.5.6 and 7.0.
Solution: Version 7.0.2 reportedly includes the JVM fix. The vendor recommends disabling "Enable Java access from JavaScript"...
Original Advisory:
http://www-1.ibm.com...uid=swg21257249

Also see:
- http://secunia.com/advisories/29031/
Release Date: 2008-02-20
Critical: Less critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Workaround
Software: IBM Lotus Notes 6.x, IBM Lotus Notes 7.x, IBM Lotus Notes 8.x
Original Advisory:
http://www-1.ibm.com...uid=swg21257250

:ph34r:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 May 2008 - 03:55 AM

FYI...

- http://secunia.com/advisories/30309/
Release Date: 2008-05-22
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: IBM Lotus Sametime 7.x, IBM Lotus Sametime 8.x
...Successful exploitation may allow execution of arbitrary code.
Solution: Update to version 8.0.1 or apply hotfix ICAE-7DPP83 for Lotus Sametime 7.5.1 Cumulative Fix 1 (CF1). Contact IBM support for the patch if Sametime 7.5.1 CF1 is not deployed or if unable to update to 8.0.1.
http://preview.tinyurl.com/5s6mz9
Original Advisory:
IBM: http://www-1.ibm.com...uid=swg21303920

- http://www.us-cert.g...e_vulnerability
May 22, 2008

- http://isc.sans.org/...ml?storyid=4460
Last Updated: 2008-05-26 23:54:12 UTC - "Take a look at port 1533*. That's quite an increase in targeted computers reporting via DShield over the past few days..."

* http://isc.sans.org/....html?port=1533
"...tcp 1533 used by Lotus Sametime for chat and awareness..."

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#5 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 August 2009 - 12:08 PM

FYI...

IBM Lotus Notes Buffer Overflow in Processing Excel Attachments Lets Remote Users Execute Arbitrary Code
- http://securitytrack...ug/1022769.html
Date: Aug 25 2009
Version(s): 6.5, 7.0, 8.0, 8.5
Description: A vulnerability was reported in IBM Lotus Notes. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted Microsoft Excel file attachment that, when double-clicked and viewed by the target user, will trigger a buffer overflow in keyview and execute arbitrary code on the target system. The code will run with the privileges of the target user...
Solution: The vendor has issued a patch, available from IBM customer support...
Vendor URL: http://www-01.ibm.co...uid=swg21396492 ...

:ph34r:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 29 July 2010 - 06:01 AM

FYI...

IBM Lotus Notes multiple vulns - updates available
- http://securitytrack...ul/1024261.html
Date: Jul 29 2010
CVE Reference: CVE-2009-3032, CVE-2010-0126, CVE-2010-0131, CVE-2010-0133, CVE-2010-0135, CVE-2010-1524, CVE-2010-1525
Version(s): prior to 8.5.2
Solution: The vendor has issued a fix (8.5.2; see patch matrix in vendor's advisory for additional fixed versions).
Vendor URL: http://www-01.ibm.co...uid=swg21440812

- http://secunia.com/advisories/38704/
Release Date: 2010-07-28
Criticality level: Highly critical
Impact: System access
Where: From remote
... The vulnerabilities are confirmed in version 8.5. Other versions may also be affected.
Solution: Apply patch for versions 8.5.1, 8.0x, and 7.0x...
IBM: http://www-01.ibm.co...uid=swg21440812

:ph34r:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics

Back to Archive Old Updates · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Updates To Software
  4. Archive Old Updates
  5. Privacy Policy
  6. Terms of Use ·