VID |
18103 |
Severity |
40 |
Port |
25 |
Protocol |
TCP |
Class |
SMTP |
Detailed Description |
IBM Lotus Domino SMTP server version 6.5.4 or earlier was detected running on the host. Lotus Domino versions prior to 6.5.4 FP1, 6.5.5, and 7.0 are vulnerable to a denial of service in the SMTP service. The vulnerability is due to an error in the "nrouter" module, which fails to properly handle malformed meeting requests received via SMTP. A remote attacker could exploit this vulnerability to cause the application to crash or consume a large amount of system resources.
* Note: This check relies solely on the banner of the remote SMTP server to assess this vulnerability, so the result might be a false positive.
* References:
  * http://www.securityfocus.com/advisories/10761
  * http://www.symantec.com/enterprise/research/SYMSA-2006-006.txt
  * http://www.frsirt.com/english/advisories/2006/2564
  * http://www.securitytracker.com/alerts/2006/Jun/1016390.html
  * http://secunia.com/advisories/20855/
* Platforms Affected:
  * IBM/Lotus Software Group, Lotus Domino: version 6.5.4 and earlier versions
  * Microsoft Windows XP, 2000, 2003: Any version
  * Apple Mac OS: Any version
  * AIX: Any version
  * IBM OS/390 and OS/400: Any version
  * Sun Solaris: Any version |
Recommendation |
Upgrade to the latest version of Lotus Domino (6.5.4 FP1, 6.5.5 or 7.0 or later), as listed on the IBM Technote web site at http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21211952 |
Related URL |
CVE-2006-0119 (CVE) |
Related URL |
18020 (SecurityFocus) |
Related URL |
27413 (ISS) |
|