IBM Lotus Domino Web Service Can Be Crashed With Specially Crafted URLs
|
|
SecurityTracker Alert ID: 1018189 |
|
SecurityTracker URL: http://securitytracker.com/id/1018189
|
|
CVE Reference:
CVE-2007-0067
(Links to External Site)
|
Date: Jun 5 2007
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 6.0, 6.5, 7.0
|
Description:
A vulnerability was reported in IBM Lotus Domino. A remote user can cause denial of service conditions.
A remote user can request specially crafted URLs that reference particular files to cause the target web service to crash.
|
Impact:
A remote user can cause the web service to crash.
|
Solution:
The vendor has issued fixed versions (6.5.6, 6.5.5 Fix Pack 3, and 7.0.2 Fix Pack 2). The fix will also be included in Lotus Domino 7.0.3.
The IBM advisory is available at:
http://www-1.ibm.com/support/docview.wss?uid=swg21257251
|
Vendor URL: www-1.ibm.com/support/docview.wss?uid=swg21257251 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
Linux (Any), UNIX (AIX), UNIX (Solaris - SunOS), Windows (Any), z/OS
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 4 Jun 2007 22:50:52 -0400
Subject: IBM Lotus Domino
|
http://www-1.ibm.com/support/docview.wss?uid=swg21257251
CVE-2007-0067
|
|
