Vulnerability Note VU#642760

Lotus Domino vulnerable to DoS via large crafted URL request

Original Release date: 12 Jul 2001 | Last revised: 17 Jul 2001

Overview

The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service.

Description

An HTTP request to TCP port 80 whose URL consists of many "/" characters (approximately 8k worth) drives CPU consumption to 99-100%. By comparison, a request containing 8k of the character "a" typically results in only 1% CPU consumption.

Impact

CPU usage is driven to its maximum, which can result in a denial of service.

Solution

Upgrade to Notes/Domino 5.0.7 or later. See http://www.notes.net/qmrdown.nsf/QMRWelcome.

Install an application layer filter to detect and block malicious requests.
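
The following is an added example, not part of the original note or any vendor code: a sketch of the request-line check such an application layer filter could apply in front of the web server. The thresholds, function names and sample lines are assumptions, and counting "%2F" as "/" is a conservative choice that goes beyond the literal slashes the note describes.

```python
import re
from urllib.parse import unquote

# Thresholds are assumptions for illustration; tune them against real traffic.
MAX_SLASH_RUN = 8      # longest run of consecutive "/" allowed in a path
MAX_SLASH_TOTAL = 64   # total "/" characters allowed in a path

_SLASH_RUN = re.compile(r"/+")


def inspect_request_line(line):
    """Return (allowed, reason) for one raw HTTP request line."""
    parts = line.rstrip("\r\n").split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return False, "malformed request line"
    # Drop the query string, then decode so "%2F" is counted like "/"
    # (assumption: the advisory only describes literal slashes).
    path = unquote(parts[1].split("?", 1)[0])
    longest = max((len(run) for run in _SLASH_RUN.findall(path)), default=0)
    if longest > MAX_SLASH_RUN:
        return False, "slash run of %d" % longest
    total = path.count("/")
    if total > MAX_SLASH_TOTAL:
        return False, "%d path separators" % total
    return True, "ok"


def blocked_requests(lines):
    """Return [(index, reason)] for every line the filter would reject."""
    verdicts = (inspect_request_line(line) for line in lines)
    return [(i, why) for i, (ok, why) in enumerate(verdicts) if not ok]


# Constructed sample input, not captured traffic.
SAMPLE_LINES = [
    "GET /index.html HTTP/1.0",           # ordinary request
    "GET /" + "a" * 8192 + " HTTP/1.0",   # long, but no slash flood
    "GET " + "/" * 8192 + " HTTP/1.0",    # the pattern in this note
    "GET /" + "%2F" * 100 + " HTTP/1.0",  # encoded separators
    "GET " + "/a" * 100 + " HTTP/1.0",    # many short segments
]

if __name__ == "__main__":
    for index, reason in blocked_requests(SAMPLE_LINES):
        print(index, reason)
```

The 8k request of "a" characters passes this check because it contains a single separator; a separate cap on total request length would be needed to reject it.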

Systems Affected

Vendor  Status    Date Notified  Date Updated
Lotus   Affected  16 Oct 2000    12 Jul 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

Our thanks to Defcom Labs, which published an advisory on this and other problems, available at http://www.securityfocus.com/frames/?content=/templates/advisory.html?id=3208.

This document was written by Jason Rafail and is based on information obtained from a Defcom Labs Advisory.

Other Information

  • CVE IDs: Unknown
  • Date Public: 11 Apr 2001
  • Date First Published: 12 Jul 2001
  • Date Last Updated: 17 Jul 2001
  • Severity Metric: 10.50
  • Document Revision: 22

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.