IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
BID:13045
Info
IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
| Bugtraq ID: | 13045 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2005-0986 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2005 12:00AM |
| Updated: | Jul 12 2009 05:56PM |
| Credit: | The discoverer of this vulnerability wishes to remain anonymous. |
| Vulnerable: |
IBM Lotus Domino 6.5.1 |
| Not Vulnerable: |
IBM Lotus Domino 6.5.3 |
Discussion
IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
A remote denial of service vulnerability affects IBM Lotus Domino Server web service. This issue is due to a failure of the application to properly handle malformed network requests.
IBM has denied that this issue is a vulnerability and they have reported conflicting details regarding it. Please see the referenced IBM technote for more information.
An attacker may leverage this issue to crash the nHTTP.EXE web service, denying service to legitimate users.
A remote denial of service vulnerability affects IBM Lotus Domino Server web service. This issue is due to a failure of the application to properly handle malformed network requests.
IBM has denied that this issue is a vulnerability and they have reported conflicting details regarding it. Please see the referenced IBM technote for more information.
An attacker may leverage this issue to crash the nHTTP.EXE web service, denying service to legitimate users.
Exploit / POC
IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
No exploit is required to leverage this issue. The following proof of concept GET request has been provided:
GET /cgi-bin/[xxx] HTTP/1.0
Host: 10.10.0.100
Where [xxx] represents a long string (~330) of UNICODE decimal value 430 characters.
No exploit is required to leverage this issue. The following proof of concept GET request has been provided:
GET /cgi-bin/[xxx] HTTP/1.0
Host: 10.10.0.100
Where [xxx] represents a long string (~330) of UNICODE decimal value 430 characters.
Solution / Fix
IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
Solution:
IBM has released technote 1202446 dealing with this issue. IBM claims that it is not a vulnerability as they were unable to reproduce it. It is likely that this is related to their description of the issue in the technote and that it is not congruent with that of iDEFENSE.
iDEFENSE has reported that version 6.5.3 is not vulnerable to this issue. Customers should contact the vendor for more information on obtaining the updated version.
Solution:
IBM has released technote 1202446 dealing with this issue. IBM claims that it is not a vulnerability as they were unable to reproduce it. It is likely that this is related to their description of the issue in the technote and that it is not congruent with that of iDEFENSE.
iDEFENSE has reported that version 6.5.3 is not vulnerable to this issue. Customers should contact the vendor for more information on obtaining the updated version.
References
IBM Lotus Domino Server Web Service Remote Denial Of Service Vulnerability
References:
References: