Isn't the ECL merely based on string matching of the signer
rather than checking a certificate or an encrypted key?
The ECL elements are strings, but the execution controlling itself is based
on digital signatures.
If somebody signs a piece of program-code with a fake "Lotus Notes Template
Technote # 184674 QA: BugTraq "Lotus Notes Stored Form Vulnerability"
http://support.lotus.com/sims2.nsf/eb5fbc0ab175cf0885256560005206cf/89e023ae7ee59e5d852569f90059fd5e?OpenDocument
* Title: QA: BugTraq "Lotus Notes Stored Form
Morning all, well afternoon, or in fact evening!
Well I have now realised thanks to a few people that this 'exploit' is nothing new, I
actually didn't think it was! - it just seemed too simple to be new, but when I
searched for any information upon it, I came up empty - which is why I posted
most
templates in use on the client?
"Felix Grushevsky" [EMAIL PROTECTED] on 02/13/2001 09:06:09 AM
To: Security Advisory/VMD/desjardins@VMD
cc:
Subject: Re: Lotus Notes Stored Form Vulnerability
Guys,
Again - set up ECL and try it again. Notes has Execution Control List
[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Lotus Notes Stored Form Vulnerability
Yeah I can confirm this works. I tested this awhile ago. Used the
postopen event and utilized LotusScript's ability to access open APIs.
I successfully was able to remotely reboot a user's computer
List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Lotus Notes Stored Form Vulnerability
_
Security Advisory: Lotus Notes Stored Form Vulnerability
Date: 8th February 2001
Author
_
Security Advisory: Lotus Notes Stored Form Vulnerability
Date: 8th February 2001
Author: Chris Jones (aka dp) [EMAIL PROTECTED]
Versions Affected: At present only Lotus