Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Lotus Domino Server < 6.5.3 Web Service Remote DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running a version of Lotus Domino Server's web service that is prone to a denial of service vulnerability. By sending a specially crafted HTTP request with a long string of unicode characters, a remote attacker can crash the nHTTP.exe process, denying service to legitimate users. IBM has released technote number 1202446 for this issue but has been unable to reproduce it.

Solution

Upgrade to version 6.5.3 or higher.