Denial of Service Vulnerability in Lotus Domino R5 from IBM
CVE-2001-1313

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino R5
Vendor: CVE Published:; 16 July 2001

Summary

Lotus Domino R5 prior to version R5.0.7a is susceptible to a denial of service attack that can lead to a crash of the application or potentially allow remote execution of arbitrary code. This vulnerability arises from the improper handling of packets featuring semi-valid BER (Basic Encoding Rules) encodings. The integrity of the package may be compromised through specially crafted input, as demonstrated by tests from the PROTOS LDAPv3 test suite. Administrators should ensure their systems are updated to the latest versions to mitigate this risk.

References

http://www.notes.net/r5fixlist.nsf/Search%21SearchView&Qu...

x_refsource_CONFIRM

http://www.cert.org/advisories/CA-2001-18.html

third-party-advisoryx_refsource_CERT

http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/l...

x_refsource_MISC

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Jul 16, 2001