Denial of Service Vulnerability in Lotus Domino Web Server by IBM
CVE-2003-0181

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino Web Server
Vendor: CVE Published:; 2 April 2003

Summary

The Lotus Domino Web Server, specifically nhttp.exe, is susceptible to a denial of service attack. This occurs when remote attackers send a specially crafted POST request to the server, which can exploit the 'Fictionary Value Field' by using an excessively long and unrecognized parameter name. This flaw allows attackers to overwhelm the server, leading to service interruptions. It is crucial for organizations using affected versions to apply relevant patches to protect against potential exploitation.

References

http://www.nextgenss.com/advisories/lotus-60dos.txt

x_refsource_MISC

http://www.cert.org/advisories/CA-2003-11.html

third-party-advisoryx_refsource_CERT

http://www.securityfocus.com/bid/6951

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 2, 2003
Vulnerability Reserved
Mar 28, 2003