mailing list archives
Denial of Service in Lotus Domino 5.08 and earlier HTTP Server
From: "Hendrik-Jan Verheij" <h.j.verheij () bwss nl>
Date: Fri, 30 Nov 2001 16:14:11 +0100
There exists a DOS in the current version of Lotus Domino 5.08 and earlier.
The DOS manifests itself on Lotus Domino servers with the http task
running and ssl enabled.
A connection to the victim on port 443 with the nmap '-sR' switch will
target this port with SunRPC program NULL commands in an attempt to
determine whether it is an RPC port, and if so, what program and version
number it serves up.
Our first attempt brought the domino test server down. Tests on other
setups revealed the same behaviour.
The task that crashes is the nhttp task. It takes down the whole server.
the nmap command used:
nmap -n -p 443 -sR www.vicitim.com
Lotus has acknowledged the issue and the internal reference number is SPR #
The issue has been fixed in Lotus Domino 5.09 which is available from
www.notes.net as an incremental upgrade.
Thanks to Ninke Westra for discovering the issue and for the testing.
Hendrik-Jan Verheij http://redheat.org
BWSS Phone +(31) 0570-665140
BWSS Fax +(31) 0570-665141
h.j.verheij () bwss nl http://www.bwss.nl
Business Wide Services and Solutions
It was OK before you touched it !
- Denial of Service in Lotus Domino 5.08 and earlier HTTP Server Hendrik-Jan Verheij (Nov 30)