IBM denies report of new DoS vulnerability in Domino

iDefense Labs Inc., a seven-year-old provider of security intelligence services has reported a denial of service (DoS) vulnerability in a Lotus Domino Server 6.5.1 Web service that allows attackers to crash the service. The problem exists within the module NLSCCSTR.DLL.

Download this free guide

Download: IT Certifications 101

Inside this exclusive essential guide, our independent experts break down which IT certifications are worth your time and effort, and how to get started obtaining them to further your career— including specific certifications that any cloud or desktop pro should seriously consider.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

According to the vulnerability report, Lotus Domino Server 6.03 and earlier versions are also vulnerable to the attack, which prevents legitimate access. However, Reston, Va.-based iDefense confirmed that Lotus Domino Server version 6.5.3 is not affected.

IBM has released a technote for this issue that says that it has been unable to reproduce the event and has therefore not released any patches. According to the technote, "Customers should consider upgrading to Lotus Domino Server version 6.5.3, which iDefense has confirmed as being not vulnerable."

A person who wants to remain anonymous, according to iDefense, first disclosed the vulnerability in February. IBM was then notified and responded on Feb. 9. The problem was not publicly disclosed until April 6.

iDefense Labs said the attack requires minimal resources to launch and can be repeated to ensure that an unpatched computer is unable to recover. The company further said that although a successful attack does not generate error messages in the NSERVER terminal, the nHTTP.exe process has indeed crashed. Restarting Domino Server will resume normal functionality, the company said.

The vulnerability report was first disclosed in February by a person who, according to iDefense, wants to remain anonymous. IBM was then notified and responded on Feb. 9. The problem was not publicly disclosed until April 6.

According to iDefense Labs, the attack requires minimal resources to launch and can be repeated to ensure that an un-patched computer is unable to recover. The company further said that although a successful attack does not generate error messages in the NSERVER terminal, the nHTTP.exe process has indeed crashed. Restarting Domino Server will resume normal functionality, the company said.