IBM denies report of new DoS vulnerability in Domino

"Security intelligence" provider iDEFENSE reported a denial of service vulnerability in a Lotus Domino Server web service that allows attackers to crash the service, thereby preventing legitimate access. The problem is said to specifically exist within the module NLSCCSTR.DLL. IBM denies the report of this new DoS vulnerability.

iDefense Labs Inc., a seven-year-old provider of security intelligence services, has reported a denial of service (DoS) vulnerability in a Lotus Domino Server 6.5.1 Web service that allows attackers to crash the service. The problem exists within the module NLSCCSTR.DLL.

According to the vulnerability report, Lotus Domino Server 6.03 and earlier versions are also vulnerable to the attack, which prevents legitimate access. However, Reston, Va.-based iDefense confirmed that Lotus Domino Server version 6.5.3 is not affected.

IBM has released a technote for this issue stating that it has been unable to reproduce the event and has therefore not released any patches. According to the technote, "Customers should consider upgrading to Lotus Domino Server version 6.5.3, which iDefense has confirmed as being not vulnerable."

A person who wants to remain anonymous, according to iDefense, first disclosed the vulnerability in February. IBM was then notified and responded on Feb. 9. The problem was not publicly disclosed until April 6.

iDefense Labs said the attack requires minimal resources to launch and can be repeated to ensure that an unpatched computer is unable to recover. The company further said that although a successful attack does not generate error messages in the NSERVER terminal, the nHTTP.exe process has indeed crashed. Restarting Domino Server will resume normal functionality, the company said.
