|
|
Family: Denial of Service --> Category: mixed
Lotus Domino Server Web Service Remote Denial Of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for remote denial of service vulnerability in Lotus Domino Server Web Service
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is prone to denial of service attacks.
Description :
The remote host is running a version of Lotus Domino Server's web
service that is prone to a denial of service vulnerability. By
sending a specially crafted HTTP request with a long string of unicode
characters, a remote attacker can crash the nHTTP.exe process, denying
service to legitimate users.
Note that IBM has released technote #1202446 for this issue but has
been unable to reproduce it.
See also :
http://www.securityfocus.com/archive/1/395126
Solution :
Upgrade to Lotus Domino Server version 6.5.3 or later as it
is known to be unaffected.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
