Lotus Domino vulnerable to DoS via crafted Unicode GET request

2001-07-23T00:00:00
ID VU:676552
Type cert
Reporter CERT
Modified 2001-07-26T00:00:00

Overview

The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service.

Description

Sending a crafted GET request containing numerous Unicode characters can trigger a server exception that will crash the Domino server. If qnc.exe is removed from the system, the crash will only affect the web server.


Impact

A server exception will crash the Domino server, resulting in a denial of service.


Solution

Upgrade to Notes/Domino 5.0.7 or later. See <http://www.notes.net/qmrdown.nsf/QMRWelcome>.


Install an application layer filter to detect and block malicious requests.
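
One possible shape for the application-layer filter suggested above, as an added example that is not part of the original advisory or of any vendor tooling. The advisory does not state the encoding or the number of characters involved, so the encodings counted, the threshold `MAX_UNICODE_CHARS` and the sample request lines are assumptions constructed for illustration.

```python
import re

# Assumptions (not from the advisory): which encodings count toward the
# budget, and how many are too many for a single request target.
MAX_UNICODE_CHARS = 32

PCT_U = re.compile(r"%u[0-9a-fA-F]{4}")         # non-standard %uXXXX escapes
PCT_HI = re.compile(r"%[89a-fA-F][0-9a-fA-F]")  # percent-encoded bytes >= 0x80


def unicode_char_count(target: str) -> int:
    """Count raw non-ASCII characters, %uXXXX escapes and encoded high bytes."""
    raw = sum(1 for ch in target if ord(ch) > 0x7F)
    return raw + len(PCT_U.findall(target)) + len(PCT_HI.findall(target))


def should_block(request_line: str) -> bool:
    """Return True when a GET request line exceeds the Unicode budget."""
    parts = request_line.split(" ")
    # The advisory names GET requests only, so other methods pass through.
    if len(parts) < 2 or parts[0].upper() != "GET":
        return False
    return unicode_char_count(parts[1]) > MAX_UNICODE_CHARS


# Constructed request lines for exercising the filter; they are test input,
# not a reproduction of the crash condition.
SAMPLE_REQUESTS = [
    "GET /home.nsf?OpenDatabase HTTP/1.0",    # plain ASCII
    "GET /caf%C3%A9/men%C3%BC.html HTTP/1.0",  # a few legitimate UTF-8 bytes
    "GET /" + "%u00e9" * 40 + " HTTP/1.0",     # many %u escapes
    "GET /" + "\u00e9" * 40 + " HTTP/1.0",     # many raw non-ASCII characters
]

if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        verdict = "BLOCK" if should_block(line) else "allow"
        print(f"{verdict}  {line[:60]!r}")
```

Tune the threshold against normal traffic first, since sites serving internationalized URLs can legitimately carry several encoded characters per request.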


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Lotus| | 16 Oct 2000| 12 Jul 2001

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

Credit

Our thanks to Defcom Labs, who published an advisory on this and other problems, available at http://www.securityfocus.com/frames/?content=/templates/advisory.html?id=3208.

This document was written by Jason Rafail and is based on information obtained from a Defcom Labs Advisory.

Other Information

  • CVE IDs: Unknown
  • Date Public: 11 Apr 2001
  • Date First Published: 23 Jul 2001
  • Date Last Updated: 26 Jul 2001
  • Severity Metric: 10.50
  • Document Revision: 14