Family: Denial of Service --> Category: denial
Lotus Domino SMTP Server Malformed vcal Denial of Service Vulnerability Scan
Vulnerability Scan Summary: Checks version of Lotus Domino SMTP server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote SMTP server is susceptible to a denial of service attack.
Description :
The remote host is running Lotus Domino, a messaging and collaboration
application suite.
According to the version number in its banner, the SMTP server bundled
with Lotus Domino on the remote host reportedly suffers from a denial
of service flaw. Specifically, the routing server will consume 100%
of the CPU when attempting to process a malformed 'vcal' meeting
request. An unauthenticated attacker may be able to leverage this
issue to deny service to legitimate users.
See also :
http://www.securityfocus.com/advisories/10761
http://www.nessus.org/u?3532045c
Solution :
Upgrade to Lotus Domino 6.5.4 FP1, 6.5.5 or 7.0 or later.
Threat Level:
Medium / CVSS Base Score : 4.9
(AV:L/AC:L/Au:NR/C:P/I:P/A:P/B:N)