Lotus Domino SMTP Meeting Request Remote Denial of Service Vulnerability

Bugtraq ID:	18020
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2006-0119
Remote:	Yes
Local:	No
Published:	Jun 27 2006 12:00AM
Updated:	Jun 27 2007 09:08PM
Credit:	Ollie Whitehouse <[email protected]> discovered this issue.
Vulnerable:	IBM Lotus Domino 6.5.4 IBM Lotus Domino 6.5.3 IBM Lotus Domino 6.5.2 IBM Lotus Domino 6.5.1 IBM Lotus Domino 6.5 .0 IBM Lotus Domino 6.0.5 IBM Lotus Domino 6.0.4 IBM Lotus Domino 6.0.4 IBM Lotus Domino 6.0.3 IBM Lotus Domino 6.0.2 CF2 IBM Lotus Domino 6.0.2 IBM Lotus Domino 6.0.1 IBM Lotus Domino 6.0 IBM Lotus Domino 5.0.13
Not Vulnerable:	IBM Lotus Domino 7.0 IBM Lotus Domino 6.5.5 IBM Lotus Domino 6.5.4 FP 1

Lotus Domino SMTP Meeting Request Remote Denial of Service Vulnerability

Lotus Domino is prone to a remote denial-of-service vulnerability because it fails to properly handle malformed email.

This issue allows remote attackers to consume excessive CPU resources on affected computers and to block all email delivery until administrators manually remove the malicious message from the mail queue. This will deny further email service to legitimate users.

Restarting the affected service will not clear this problem, because the offending message will remain in the mail queue.

Lotus Domino versions prior to 6.5.4 FP1, 6.5.5, and 7.0 are vulnerable to this issue.

Lotus Domino SMTP Meeting Request Remote Denial of Service Vulnerability

Attackers use standard email utilities to exploit this issue.

Lotus Domino SMTP Meeting Request Remote Denial of Service Vulnerability

Solution:
The vendor has released fixed versions of the affected software to address this issue. Please contact the vendor for information on obtaining and applying fixes.

Lotus Domino SMTP Meeting Request Remote Denial of Service Vulnerability

References:

• Lotus Domino Product Homepage (IBM)
  
• Lotus Domino SMTP-based Denial of Service vulnerability (IBM)