Summary
It might be possible to lock out some Lotus Domino databases by requesting them through the web interface with a special request like /./name.nsf
This attack is only efficient on databases that are not used by the server.
*** Note that no real attack was performed,
*** so this might be a false alert
Solution
upgrade your Lotus Domino server
Severity
Classification
-
CVE CVE-2001-0954 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- EtherApe RPC Packet Processing Denial of Service Vulnerability
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
- Comodo Internet Security Denial of Service Vulnerability-01
- Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win)
- ClamAV Hash Manager Off-By-One Denial of Service Vulnerability (Win)