Family: Denial of Service --> Category: denial
Lotus Domino SMTP Server Malformed vcal Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of Lotus Domino SMTP server
Detailed Explanation for this Vulnerability Test
The remote SMTP server is susceptible to a denial of service attack.
The remote host is running Lotus Domino, a messaging and collaboration
According to the version number in its banner, the SMTP server bundled
with Lotus Domino on the remote host reportedly suffers from a denial
of service flaw. Specifically, the routing server will consumes 100%
of the CPU when attempting to process a malformed 'vcal' meeting
request. An unauthenticated attacker may be able to leverage this
issue to deny service to legitimate users.
See also :
Upgrade to Lotus Domino 6.5.4 FP1, 6.5.5 or 7.0 or later.
Medium / CVSS Base Score : 4.9
Click HERE for more information and discussions on this network vulnerability scan.