Lotus Notes lädt Code von fremden Systemen nach

by Volker Weber

Durch eine Sicherheitslücke in IBMs Groupware-Lösung Lotus Notes können Angreifer unter bestimmten Umständen verwundbaren Clients dazu bringen, beliebigen Code über das Netzwerk zu laden und auszuführen. Dazu genügt es, ein manipuliertes HTML-Dokument zu öffnen. Die Schwachstelle ist in den Versionen 6.0.3 und 6.5 zu finden. IBM hat dazu ein Advisory veröffentlicht und weist darauf hin, dass der Fehler in 6.0.4 and 6.5.2 behoben ist.

More >

2004-06-24 :: email :: bookmark :: digg

Comments

Aber der viel spannendere Link ist doch der: http://www.heise.de/security/news/foren/go.shtml?list=1&forum_id=59201 :-)

Wolfgang, 2004-06-24 17:52

Ach was, das ist doch immer das selbe. :-)

Volker Weber, 2004-06-24 18:02

Post a comment











Shall I remember this for you?




Use your full name and a working email address. Unless you want your comment to be removed. No kidding.



Recent comments

Ben Poole on It has only been less than two hours at 09:44
Frank L. Quednau on It has only been less than two hours at 09:29
Martin Hiegl on It has only been less than two hours at 08:27
Stephan H. Wissel on Notes.ini parameter RunFaster=1 is finally here at 05:24
Volker Weber on It has only been less than two hours at 01:33
Thomas "Duffbert" Duff on It has only been less than two hours at 01:26
Chris Linfoot on Planet Lotus not picking up Christopher's feed at 21:56
Yancy Lent on Planet Lotus not picking up Christopher's feed at 19:48
Bruce Elgort on Robin Bloor: Why Google Chrome Will Dominate at 18:51
Mac Guidera on Planet Lotus not picking up Christopher's feed at 16:04
Kevan Emmott on 824 Chrome users so far today at 15:56
Chris Linfoot on Planet Lotus not picking up Christopher's feed at 14:54
Lars Berntrop-Bos on Planet Lotus not picking up Christopher's feed at 13:12
Andreas Braukmann on 824 Chrome users so far today at 11:33
Nick Daisley on Robin Bloor: Why Google Chrome Will Dominate at 10:14
Chris Linfoot on Planet Lotus not picking up Christopher's feed at 09:42
Alper Iseri on 824 Chrome users so far today at 09:38
Jean Pierre Wenzel on 824 Chrome users so far today at 08:37
Jan-Piet Mens on Robin Bloor: Why Google Chrome Will Dominate at 08:26
Benjamin Stein on Synchronizing iPhone with ... Lotus Notes at 07:18
Greg Walrath on Party like it's 2008 at 06:56
Andy Brunner on Party like it's 2008 at 05:41
Michelle O'Rorke on Synchronizing iPhone with ... Lotus Notes at 05:01
Arthur Fontaine on Chrome in the wild at 03:26
Yancy Lent on Planet Lotus not picking up Christopher's feed at 02:15

Ceci n'est pas un blog

vowe.net is a personal website published by Volker Weber a.k.a. vowe. I am an author, consultant and systems architect based in Darmstadt, Germany.

rss Click here to subscribe

Hello

About me
Contact
Publications
Certificates
Frequently asked questions

Twitter Updates

More >

Poll

Can you bring a camera phone to work?

Getting poll results. Please wait...

Local time is 10:28

visitors.gif
188 visitors online

News

Other sources of news, imported into my own format to make them more accessible:

Heise Online
Schlagzeilen
Weather

Archives

As most of my articles roll off the front page rather quickly, I am making an archive of previous posts available here. You can also use the handy search box at the top of the page if you are looking for something particular.

Last 30 days
More archives

Got the T-shirt?

Got the T-shirt?
Are you buying from the US?

Systems Architecture

This site runs on an Apache web server on top of the Linux operating system. The content is managed with MovableType which is implemented in Perl. Last but not least the HTML code your browser sees is put together with PHP.

© 1992-2008 Volker Weber.
All Rights Reserved.

Impressum