{"vuid":"VU#890128","idnumber":"890128","name":"Lotus Domino vulnerable to a denial of service via DOS device request","keywords":["Lotus","Domino","ncgihttp.exe","DOS device"],"overview":"The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 Platforms.","clean_desc":"With the Lotus Domino Web Server, you can access DOS-devices. If this is done through the cgi-bin directory, a ncgihttp.exe process will be opened to handle the execution of the request. A flaw exists where this processing will not finish. After numerous requests have been made, the server will no longer respond to requests on tcp port 80.","impact":"A denial of service results on Windows and OS/2 platforms.","resolution":"Upgrade to Notes/Domino 5.0.7 or later. See http://www.notes.net/qmrdown.nsf/QMRWelcome.","workarounds":"If possible, disable access to DOS-Devices through the web server's cgi-bin directory. An application layer filter may be able to detect and block such requests.","sysaffected":"","thanks":"Our thanks to \nDefcom Labs\n, who published an advisory on this and other problems, available at \nhttp://www.securityfocus.com/frames/?content=/templates/advisory.html?id=3208.","author":"This document was written by Jason Rafail and is based on information obtained from a Defcom Labs Advisory.","public":["http://www.securityfocus.com/bid/2575","http://xforce.iss.net/static/6348.php","http://www.securityfocus.com/advisories/3208"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-04-14T00:03:27Z","publicdate":"2001-04-11T00:00:00Z","datefirstpublished":"2001-07-12T20:43:02Z","dateupdated":"2001-07-12T20:43:03Z","revision":18,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"17","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"6","cam_impact":"8","cam_easeofexploitation":"16","cam_attackeraccessrequired":"16","cam_scorecurrent":"5.0688","cam_scorecurrentwidelyknown":"5.76","cam_scorecurrentwidelyknownexploited":"10.368","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.0688,"vulnote":null}