Denial of Service Vulnerability in Lotus Domino Server by IBM
CVE-2002-2025

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino Server
Vendor: CVE Published:; 31 December 2002

Summary

The vulnerability present in Lotus Domino Server versions 5.0.9a and earlier allows remote attackers to induce a denial of service condition. By sending a large volume of HTTP requests that target either an MS-DOS device name or an MS-DOS device name with extra characters, attackers can deplete the server’s thread pool. This exhausts the server’s ability to process legitimate user requests, resulting in service interruption and potential downtime.

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/...

mailing-listx_refsource_VULNWATCH

http://www.securityfocus.com/bid/4020

vdb-entryx_refsource_BID

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002