Come articolato, è stato riscontrato un
possibile DOS sulle versioni 6.5.4 e precedenti.... ecco i dettagli:
TITLE:
Lotus Domino Malformed vCal Processing Denial of Service
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
DESCRIPTION:
Ollie Whitehouse has reported a vulnerability in Lotus Domino, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
The vulnerability is caused due to an error in the message routing
functionality (nrouter.exe) when processing meeting requests (vCal)
and can be exploited by sending a specially crafted meeting request.
Successful exploitation consumes 100% CPU resources and prevents
delivery of new mail as long as the malicious message is in the
message queue.
SOLUTION:
Update to version 6.5.4 FP1, 6.5.5, or 7.0.
ORIGINAL ADVISORY:
IBM:
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21211952
Symantec:
http://www.symantec.com/enterprise/research/SYMSA-2006-006.txt
Aggiornamento Sulla Sicurezza in Domino R 6.x
- 07/03/2006
- 0 commenti
0 Commenti:
Nessun Commento Trovato