IBM denies report of new DoS vulnerability in Domino

Peter Bochner

iDefense Labs Inc., a seven-year-old provider of security intelligence services, has reported a denial of service (DoS) vulnerability in a Lotus Domino Server 6.5.1 Web service that allows attackers to crash the service. The problem exists within the module NLSCCSTR.DLL.

According to the vulnerability report, Lotus Domino Server 6.03 and earlier versions are also vulnerable to the attack, which prevents legitimate access. However, Reston, Va.-based iDefense confirmed that Lotus Domino Server version 6.5.3 is not affected.

IBM has released a technote on this issue saying that it has been unable to reproduce the event and has therefore not released any patches. According to the technote, "Customers should consider upgrading to Lotus Domino Server version 6.5.3, which iDefense has confirmed as being not vulnerable."

A person who wants to remain anonymous, according to iDefense, first disclosed the vulnerability in February. IBM was then notified and responded on Feb. 9. The problem was not publicly disclosed until April 6.

iDefense Labs said the attack requires minimal resources to launch and can be repeated to ensure that an unpatched computer is unable to recover. The company further said that although a successful attack does not generate error messages in the NSERVER terminal, the nHTTP.exe process has indeed crashed. Restarting Domino Server will resume normal functionality, the company said.
