Category: IBM
Making Sametime work on iOS
*warning: high sarcasm levels*
We wanted to use the Sametime iOS client for our iPad, so we installed Sametime 8.5.2 and applied IFR 1. Then we created PMRs, PMRs, PMRs and PMRs, and now I can inform you of the "well documented" steps you have to… more »
IBM Lotus Domino RPC Operation Denial of Service Vulnerability
According to the IBM page about this: "If an attacker can monitor and record all communications between a Notes client and a Domino server then it is possible to crash the Domino server by modifying a specific packet, in a specific way, during a specifi… more »
IBM Lotus Domino Remote Console Authentication Bypass Vulnerability
Via SecurityFocus:
Bugtraq ID: 46985
Class: Unknown
CVE: CVE-2011-1519
Remote: Yes… more »
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192) -> IBM HTTP Server too!
Go read this, and apply the fixes. The IBM HTTP Server that ships with your WebSphere servers is just a rebranded Apache.
Example:
D:\IBM\bin>Apache.exe -v
Server version: IBM_HTTP_Server/6.0.2.29 Apache/2.0.47
Excerpt below:
Apach… more »
Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution
From the BlackBerry site. I've posted an excerpt below:
Overview
Vulnerabilities exist in components of the BlackBerry Enterprise Server that process PNG and TIFF images for rendering on the BlackBerry smartphone. The BlackBerry® Mobile Data Sys… more »
Extracomm releases a nice freebie: iPhone App for Lotus Notes/Domino Out of Office
My colleague found this on the App Store today, and it might look like a useful thing for users forgetting their OOO.
If you are using Lotus Traveler, you should find that there is a very important feature missing, i.e. ability to set your Out of… more »
IBM Lotus Domino iCalendar Meeting Request Parsing Remote Stack Buffer Overflow Vulnerability
The solution in short: Upgrade to the latest version ASAP if you use iNotes outward facing. Some issues are fixed in 8.5.3, so beware until then.
Bugtraq ID: 46232
Class: Input Validation Error
CVE: CVE-2011-0915
Remote: Yes
Local: No… more »
IBM WebSphere Application Server JAX-RPC WS-Security/JAX-WS Runtime Security Bypass Vulnerability
I just saw this in my RSS feeds:
Bugtraq ID: 40322
Class: Design Error
CVE: CVE-2010-0774
Remote: Yes
Local: No
Published: May 11 2010 12:00AM
Updated: Jun 17 2011 04:00PM
Credit: IBM
Vulnerable: IBM Websphere Application Ser… more »
Security enhancements in iNotes 8.5.2 may require configuration changes in environments with reverse proxies
I was playing with the application firewall in the Citrix NetScaler and I found that a cookie I had never seen before was getting blocked.
Some quick googling gave me this Technote swg21453878. Please read it if you are using firewall/reverse proxy products in… more »
Potential Security Exposure: IBM WebSphere Commerce using Tivoli Directory Server
All info can be found here
Flash (Alert)
Abstract
There is a potential security exposure in Tivoli Directory Server (TDS) that could affect WebSphere Commerce users.
A malicious LDAP request might cause a buffer overrun in the server, pote… more »