Signature Detail
Short Name |
SMTP:MAL:NOTES-BIGMAIL-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
SMTP |
Keywords |
Lotus Notes Domino Web Access Message Handling Denial of Service |
Release Date |
2004/08/25 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: Lotus Notes Domino Web Access Message Handling Denial of Service
This signature detects large e-mail messages (>12 MB) sent to Lotus Domino servers through a commonly published exploit. Attackers can cause Lotus Domino to exhaust all system memory and cause the service to stop responding.
Extended Description
Lotus Domino Server is reported prone to a remote denial of service vulnerability. The issue is reported to exist when a malicious email that is received on the affected server, is opened through the Domino Web Access interface by a client. A remote attacker may exploit this condition to deny Lotus Domino service to legitimate users.
Affected Products
- IBM Lotus Domino 6.0.0
- IBM Lotus Domino 6.0.1
- IBM Lotus Domino 6.0.2
- IBM Lotus Domino 6.0.2 CF2
- IBM Lotus Domino 6.0.3
- IBM Lotus Domino 6.5.0 .0
- IBM Lotus Domino 6.5.1
- IBM Lotus Domino 6.5.2
- Lotus Domino 6.5.1
References
- BugTraq: 10641
- CVE: CVE-2004-0668
- URL: http://www-1.ibm.com/support/docview.wss?uid=swg21173969