header-logo
Suggest Exploit
vendor:
Lotus Domino Server
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Lotus Domino Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Remote Denial of Service Vulnerability in IBM Lotus Domino Server Web Service

A remote denial of service vulnerability affects IBM Lotus Domino Server web service. This issue is due to a failure of the application to properly handle malformed network requests. An attacker may leverage this issue to crash the nHTTP.EXE web service, denying service to legitimate users by sending a GET request with a long string (~330) of UNICODE decimal value 430 characters.

Mitigation:

Please see the referenced IBM technote for more information.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13045/info

A remote denial of service vulnerability affects IBM Lotus Domino Server web service. This issue is due to a failure of the application to properly handle malformed network requests.

IBM has denied that this issue is a vulnerability and they have reported conflicting details regarding it. Please see the referenced IBM technote for more information.

An attacker may leverage this issue to crash the nHTTP.EXE web service, denying service to legitimate users. 

GET /cgi-bin/[xxx] HTTP/1.0
Host: 10.10.0.100

Where [xxx] represents a long string (~330) of UNICODE decimal value 430 characters.

Navigation

Suggest Exploit

Services By CQR