Lotus Domino for AS/400 SMTP Component Long String Remote DoS

1999-05-04T00:00:00
ID OSVDB:9787
Type osvdb
Reporter Joachim Larsson(joachim.larsson@sigma.se)
Modified 1999-05-04T00:00:00

Description

Vulnerability Description

Lotus Domino contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user connects to port 25 of the vulnerable server and sends a long (200-300 byte) character string. This may result in loss of availability for the service.

Solution Description

Upgrade to version 4.6.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Lotus Domino contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user connects to port 25 of the vulnerable server and sends a long (200-300 byte) character string. This may result in loss of availability for the service.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_2/0349.html ISS X-Force ID: 8790 CVE-1999-1012 Bugtraq ID: 173