IBM Lotus Domino Web Access denial of service
| lotus-domino-web-dos (16596) |  Medium Risk |
Description:
Lotus Domino is vulnerable to a denial of service attack, caused by a vulnerability in the Domino Web Access (formerly iNotes) component. By sending a specially-crafted email, a remote attacker could cause the Domino server to crash, once the victim opens the email.
Consequences:
Denial of Service
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Wed Jun 30 2004 - 14:09:59 CDT : DoS against Domino 6.5.1.
- BID-10641: IBM Lotus Domino Server Web Access Malicious Email View Remote Denial Of Service Vulnerability
- BID-16577: IBM Lotus Domino iNotes Multiple HTML and Script Injection Vulnerabilities
- CVE-2004-0668: Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment.
Platforms Affected:
- IBM Lotus Domino 6.5.1
Reported:
Jun 30, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net