Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 IMAP:SET-QUOTA

Severity

 Medium

Recommended

 No

Category

 IMAP

Keywords

 Domino Set Quota

Release Date

 2005/01/05

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

IMAP: Domino Set Quota


This signature detects attempts to modify the user quota on an IMAP server. Domino 6.5.0 and 6.5.1 allow any user to modify its quota regardless of its rights on the server.

Extended Description

IBM Lotus Domino server is reported to improperly allow users to alter their own mail storage quota values. A user's mailbox is assigned a quota to limit the amount of data that can be consumed by email on the server. This quota is assigned by the administrator of the application. An attacker could possibly use this vulnerability to raise their mailbox's quota to a very large amount, and then proceed to fill the mail servers storage device. This will result in a denial of service condition, where new mail will not be able to be stored on the full disk. Domino version 6.5.0 and 6.5.1 are reported vulnerable to this issue.

Affected Products

  • IBM Lotus Domino 6.5.0 .0
  • IBM Lotus Domino 6.5.1

References

  • BugTraq: 10642
  • CVE: CVE-2004-0669
  • URL: http://nvd.nist.gov/nvd.cfm?cvename=CAN-2004-0669

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out