IBM Lotus Domino RPC Operation Denial of Service Vulnerability

According to the IBM page about this: "If an attacker can monitor and record all communications between a Notes client and a Domino server then it is possible to crash the Domino server by modifying a specific packet, in a specific way, during a specific operation.", so a relatively low threat. Upgrade to 8.5.3 if you can, if not (because of the server changes in 8.5.3) upgrade to 8.5.2 FP4.

Source: SecurityFocus

---

IBM Lotus Domino RPC Operation Denial of Service Vulnerability

Bugtraq ID:	51167
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2011-1393
Remote:	Yes
Local:	No
Published:	Dec 22 2011 12:00AM
Updated:	Jan 02 2012 11:20PM
Credit:	Xiaopeng Zhang of Fortiguard Labs
Vulnerable:	IBM Lotus Domino 8.5.2 IBM Lotus Domino 8.5 IBM Lotus Domino 8.0.2 Fix Pack 5 IBM Lotus Domino 8.0.2 IBM Lotus Domino 8.5.2 FP3 IBM Lotus Domino 8.5.2 FP2 IBM Lotus Domino 8.5.0.1 IBM Lotus Domino 8.5 FP1 IBM Lotus Domino 8.5 IBM Lotus Domino 8.0.2.4 IBM Lotus Domino 8.0.2.3 IBM Lotus Domino 8.0.2.2 IBM Lotus Domino 8.0.2.1 IBM Lotus Domino 8.0
Not Vulnerable:	IBM Lotus Domino 8.5.3 IBM Lotus Domino 8.5.2 FP4

IBM Lotus Domino is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

An attacker can use readily available network utilities.

Solution:
The vendor released an update. Please see the references for details.

References:

• IBM Homepage (IBM)
  
• IBM Lotus Notes/Domino Server Vulnerability (Fortinet)
  
• Security Advisory: Lotus Domino Denial of Service Vulnerability during Notes aut (IBM)
  
• Security Advisory: Lotus Domino Denial of Service Vulnerability during Notes aut (IBM)