Home » Hacking News » Lotus Domino Webserver DOS Device Extension DoS Vulnerability

Lotus Domino Webserver DOS Device Extension DoS Vulnerability

by Nikola Strahija on February 6th, 2002 If a request for a DOS device from CGI-BIN has an extension of 220 characters, the server will spawn a cmd.exe session to run nul.pif. The server will also pop up a window asking for a program association to run nul.pif with. If this is done approximately 400 times, the server will reportedly run out of working threads.

It has been reported that all versions of Lotus Domino Webserver prior to 5.0.9a running on Windows 2000 may be vulnerable to a denial of service condition.

There is no exploit code required.

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Our online shop
Top sellers
New Items
Books
Software

Xatrix.org © Copyright 2001-2016, Xatrix Security . All Rights Reserved
Most hackers are young because young people tend to be adaptable. As long as you remain adaptable, you can always be a good hacker. - Emmanuel Goldstein

Users login

JOIN XATRIX

Lotus Domino Webserver DOS Device Extension DoS Vulnerability

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact