----------------------------------------------------------------------

TITLE:
IBM Lotus Sametime Community Services Multiplexer Buffer Overflow

SECUNIA ADVISORY ID:
SA30309

VERIFY ADVISORY:
http://secunia.com/advisories/30309/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

REVISION:
2.0 originally posted 2008-05-22

SOFTWARE:
IBM Lotus Sametime 7.x
http://secunia.com/product/13791/
IBM Lotus Sametime 8.x
http://secunia.com/product/18763/

DESCRIPTION:
A vulnerability has been reported in IBM Lotus Sametime, which can be
exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the
Community Services Multiplexer (StMux.exe) when processing long URLs.
This can be exploited to cause a stack-based buffer overflow via e.g.
a specially crafted, overly long HTTP request to the Sametime server.

Successful exploitation may allow execution of arbitrary code.

SOLUTION:
Update to version 8.0.1 or apply hotfix ICAE-7DPP83 for Lotus Sametime
7.5.1 Cumulative Fix 1 (CF1). Contact IBM support for the patch if
Sametime 7.5.1 CF1 is not deployed or if unable to update to 8.0.1.
http://www.ibm.com/eserver/support/fixes/fixcentral/swg/quickorder?brandid=2&productid=Lotus%20Sametime&fixes=ST-7.5.1.1-Windows-ICAE-7DPP83

PROVIDED AND/OR DISCOVERED BY:
Manuel Santamarina Suarez, reported via ZDI.

CHANGELOG:
2008-05-22: Added version 8.x in list of affected versions and updated
"Solution" section.
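The boundary error described above is the classic pattern of copying a request URL into a fixed-size stack buffer without checking its length. The following is an added illustration, not code from IBM, Secunia, ZDI or the StMux.exe binary: a generic request-line parser with the unsafe copy beside a hardened version that rejects an over-length target before any copy. The buffer size URL_MAX, the request lines and the function names are assumptions constructed for this example.

```c
/* Added example (not IBM or Secunia code): the URL-handling boundary error
 * the advisory describes, shown as a generic pattern beside a hardened
 * version. Request lines are constructed; URL_MAX is an assumed size. */
#include <stdio.h>
#include <string.h>

#define URL_MAX 256          /* assumed size of the fixed on-stack URL buffer */
#define LONG_URL_LEN 2048    /* length of the constructed over-length target */

/* Locate the request-target in an HTTP request line ("METHOD SP target SP version").
 * Returns a pointer to the target and stores its length, or NULL if malformed. */
static const char *find_target(const char *request_line, size_t *len)
{
    const char *start = strchr(request_line, ' ');
    if (start == NULL)
        return NULL;
    start++;
    const char *end = strchr(start, ' ');
    *len = end ? (size_t)(end - start) : strlen(start);
    return start;
}

/* Vulnerable pattern: copies the target into a fixed stack buffer with no
 * length check. A target of URL_MAX bytes or more writes past url[] and
 * corrupts the stack, which is the class of error behind a stack-based
 * buffer overflow. Only ever called with a short, well-formed line here. */
int handle_request_unsafe(const char *request_line)
{
    char url[URL_MAX];
    size_t len;
    const char *target = find_target(request_line, &len);
    if (target == NULL)
        return -1;
    memcpy(url, target, len);     /* no bound check against sizeof url */
    url[len] = '\0';
    return (int)strlen(url);
}

/* Hardened pattern: reject the request before any copy if the target cannot
 * fit, including the terminating NUL. Returns the target length, -1 for a
 * malformed line, or -2 for an over-length target. */
int handle_request_safe(const char *request_line)
{
    char url[URL_MAX];
    size_t len;
    const char *target = find_target(request_line, &len);
    if (target == NULL)
        return -1;
    if (len >= sizeof url)        /* leave room for the NUL terminator */
        return -2;
    memcpy(url, target, len);
    url[len] = '\0';
    return (int)strlen(url);
}

/* Builds a constructed request line whose target is LONG_URL_LEN bytes
 * ("/" followed by 'A's) and feeds it to the hardened handler; returns
 * that handler's result (-2: rejected before any copy). */
int demo_long_url(void)
{
    static char line[LONG_URL_LEN + 32];
    memcpy(line, "GET /", 5);
    memset(line + 5, 'A', LONG_URL_LEN - 1);
    memcpy(line + 5 + LONG_URL_LEN - 1, " HTTP/1.0", 10);   /* includes the NUL */
    return handle_request_safe(line);
}

int main(void)
{
    const char *normal = "GET /index.html HTTP/1.0";   /* constructed */
    printf("normal request: safe=%d unsafe=%d\n",
           handle_request_safe(normal), handle_request_unsafe(normal));
    printf("over-length request: safe=%d (rejected)\n", demo_long_url());
    return 0;
}
```

The hardened handler checks the length against the real buffer size before copying, so an overly long URL is refused rather than written onto the stack; the unsafe variant is kept only to show the missing check and is never fed the long input.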
ORIGINAL ADVISORY:
IBM:
http://www-1.ibm.com/support/docview.wss?uid=swg21303920

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-028/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------