Making Sametime work on iOS
Wed, Feb 1st 2012 12:58a Dennis van Remortel *warning: high sarcasm levels*
We wanted to use the Sametime iOS client for our iPad, so we installed Sametime 8.5.2 and applied IFR 1. Then we created PMR's, PMR's, PMR's and PMR's, and now I can inform you of the "well documented" steps you have to take after installing the software.
Step 0: Get the latest version of the iOS app (or install updates). There are some mighty important fixes in there (part of which coming from my forementioned PMR's).
Step 1: Creating a Proxy Serve [read] Keywords: domino
ibm
ldd
lotus
sametime
database
iphone
server
137
IBM Lotus Domino RPC Operation Denial of Service Vulnerability
Tue, Jan 3rd 2012 12:31a Dennis van Remortel According to the IBM page about this: "If an attacker can monitor and record all communications between a Notes client and a Domino server then it is possible to crash the Domino server by modifying a specific packet, in a specific way, during a specific operation.", so a relatively low threat. Upgrade to 8.5.3 if you can, if not (because of the server changes in 8.5.3) upgrade to 8.5.2 FP4.
Source: SecurityFocus
IBM Lotus Domino RPC Operation Denial of Service Vulnerability
[read] Keywords: domino
ibm
lotus
notes
notes client
application
network
security
server
IBM Sametime client for iOS
Tue, Nov 22nd 2011 12:38a Dennis van Remortel Finally, IBM has released the mobile client for Sametime. Note the specific version of the Proxy Server you'll need: 8.5.2 IFR 1.
IBM Sametime
Description
*The IBM Sametime Mobile Client for iOS devices requires the Sametime 8.5.2 IFR 1 Proxy Server to be deployed in your infrastructure environment. Please contact your IT department to validate this is the case.*
We are very excited to bring you the IBM Sametime Mobile Client for iOS! This gives you access to IBM's awar [read] Keywords: domino
ibm
sametime
apple
application
desktop
interface
iphone
mobile
server
unified communications
wiki
92
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192) -> IBM HTTP Server too!
Thu, Aug 25th 2011 2:18a Dennis van Remortel Go read this, and apply the fixes. Your IBM HTTP server with the Websphere servers is just a rebranded Apache.
Example:
D:IBMbin>Apache.exe -v
Server version: IBM_HTTP_Server/6.0.2.29 Apache/2.0.47
Excerpt below:
Apache HTTPD Security ADVISORY
==============================
Title: Range header DoS vulnerability Apache HTTPD 1.3/2.x
CVE: CVE-2011-3192:
Date: 20110824 1600Z
Product: Apache HTTPD Web Server
Versions: Apache 1.3 all versions, Apache 2 all versi [read] Keywords: domino
ibm
security
server
websphere
IBM Lotus Domino iCalendar Meeting Request Parsing Remote Stack Buffer Overflow Vulnerability
Wed, Jul 20th 2011 6:21a Dennis van Remortel The solution in short: Upgrade to the latest version asap if you use iNotes outward facing. Some issues are fixed in 8.5.3, so beware until then.
Bugtraq ID: 46232
Class: Input Validation Error
CVE: CVE-2011-0915
Remote: Yes
Local: No
Published: Feb 07 2011 12:00AM
Updated: Jul 20 2011 11:10AM
Credit: anonymous
Vulnerable: IBM Lotus Domino 8.0.2
IBM Lotus Domino 8.0.1
IBM Lotus Domino 7.0.4
IBM Lotus Domino 7.0.3 Fix Pack 1 (FP1)
IBM Lotus Domino 7.0.3
IBM [read] Keywords: domino
ibm
inotes
lotus
notes
security
