Wednesday, 20 July 2011

Lotus Domino Denial of Service Attack

Credits to Tom Duff.
Packet Storm is reporting a Lotus Domino Denial of Service issue...

# Exploit Title: Lotus Domino SMTP router, EMAIL server and client DoS - all 3 may crash
# Date: July 16, 2011
# Author: None - looks like a malformed Kerio generated calendar invitation was the reason this was discovered - http://forums.kerio.com/index.php?t=msg&th=19863&start=0
# Software Link: none - cut/paste the malformed meeting invitation shown below, send into some Domino shop as a mime type text/calendar with a filename.ics
# Version: 8.5.3 and very likely all 7.x and 8.x
# Tested on: W2K3, W2K8, XP running 8.5.3
# CVE : none - but IBM has patches for this and other items
https://www-304.ibm.com/support/docview.wss?q1=vulnerability%20OR%20vulnerabilities&rs=0&uid=swg21461514&cs=utf-8?=en&loc=en_US&cc=us
https://www-304.ibm.com/support/docview.wss?uid=swg21504183

Particularly ugly in that the rest of the page has the cut and paste code for making the attachment that will crash the server...