The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 platforms.
The Lotus Domino Web Server allows requests to access DOS devices. When such a request is made through the cgi-bin directory, an ncgihttp.exe process is started to handle the execution of the request. A flaw exists where this processing never finishes. After numerous such requests have been made, the server no longer responds to requests on TCP port 80.
A denial of service results on Windows and OS/2 platforms.
If possible, disable access to DOS devices through the web server's cgi-bin directory. An application-layer filter may be able to detect and block such requests.
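One way such an application-layer filter could decide whether to block a request, shown as an added example that is not part of the original advisory or of any Lotus product. It assumes the standard Windows reserved device names (the advisory does not list which devices are affected), and the function names are hypothetical.

```python
from urllib.parse import unquote

# Assumption: standard Windows reserved device names; the advisory does not
# enumerate which devices are affected.
DOS_DEVICES = {"CON", "PRN", "AUX", "NUL"}
DOS_DEVICES |= {f"{p}{n}" for p in ("COM", "LPT") for n in range(1, 10)}

CGI_DIR = "cgi-bin"  # directory named in the advisory


def is_device_segment(segment: str) -> bool:
    """True if a path segment names a DOS device.

    Windows ignores the extension and trailing spaces or colon, so
    'nul.pl', 'NUL ' and 'con:' all refer to a device.
    """
    base = segment.split(".", 1)[0].split(":", 1)[0]
    return base.strip().upper() in DOS_DEVICES


def normalize(request_target: str) -> list:
    """Return decoded, dot-resolved path segments of a request target."""
    path = request_target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(3):  # bounded re-decoding catches double encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    segments = []
    for seg in path.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if segments:
                segments.pop()
            continue
        segments.append(seg)
    return segments


def should_block(request_target: str) -> bool:
    """Block requests that reach a DOS device through the cgi-bin directory."""
    segments = normalize(request_target)
    if not segments or segments[0].lower() != CGI_DIR:
        return False
    return any(is_device_segment(s) for s in segments[1:])
```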
Our thanks to Defcom Labs, who published an advisory on this and other problems, available at http://www.securityfocus.com/frames/?content=/templates/advisory.html?id=3208.
This document was written by Jason Rafail and is based on information obtained from a Defcom Labs Advisory.
Date First Published: 2001-07-12
Date Last Updated: 2001-07-12 20:43 UTC