1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP IBM Lotus Domino Web Server DOS

HTTP IBM Lotus Domino Web Server DOS

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a Denial of Service attempt on IBM Lotus Domino webserver.

Additional Information

The webserver included with IBM Lotus Domino is prone to a remote denial-of-service vulnerability because the software fails to properly handle certain HTTP requests.

Specific information regarding the URIs that will trigger this issue, or the actual cause of the resulting crash, is currently unavailable. We will update this BID as more information emerges.

Successfully exploiting this issue allows remote attackers to crash affected webservers, denying further service to legitimate users.

This issue is a regression introduced in version 6.0 of Lotus Domino.

Affected

  • IBM LOTUS DOMINO

Response

The vendor released updates to address this issue. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube