Denial of Service Vulnerability in IBM Lotus Mobile Connect
CVE-2010-4593

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Mobile Connect
Vendor: CVE Published:; 22 December 2010

What is CVE-2010-4593?

IBM Lotus Mobile Connect prior to version 6.1.4 is susceptible to a Denial of Service attack due to improper reference count maintenance in the Connection Manager. This vulnerability enables remote authenticated users to deplete IP address resources by attempting to initiate invalid VPN sessions using the same ID from multiple devices, leading to service interruptions.

References

http://secunia.com/advisories/42703

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ75012

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg27020327

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 22, 2010
Vulnerability Reserved
Dec 22, 2010