Denial of Service Vulnerability in Lotus Domino Web Server
CVE-2003-0180

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino Web Server
Vendor: CVE Published:; 2 April 2003

Summary

The Lotus Domino Web Server, specifically the nhttp.exe process, is susceptible to a denial of service attack that can be executed by sending an incomplete POST request. This vulnerability may disrupt normal operations of the server, making services temporarily unavailable to legitimate users. The issue has been demonstrated using the h_PageUI form, highlighting the need for immediate updates to versions prior to 6.0.1 to mitigate the risk.

References

http://www.nextgenss.com/advisories/lotus-60dos.txt

x_refsource_MISC

http://www.cert.org/advisories/CA-2003-11.html

third-party-advisoryx_refsource_CERT

https://exchange.xforce.ibmcloud.com/vulnerabilities/11360

vdb-entryx_refsource_XF

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 2, 2003
Vulnerability Reserved
Mar 28, 2003