Vigil@nce: Domino, denial of service via LDAP
January 2010 by Vigil@nce
An attacker can send a malicious LDAP query, in order to stop
Lotus Domino.
– Severity: 1/4
– Consequences: denial of service
– Provenance: intranet client
– Means of attack: 1 attack
– Ability of attacker: technician (2/4)
– Confidence: unique source (2/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 14/01/2010
IMPACTED PRODUCTS
– Lotus Domino
DESCRIPTION OF THE VULNERABILITY
The directory service of Lotus Domino can be reached with the LDAP
protocol.
The LDAP protocol uses data encoded with ASN.1.
An attacker can send a query containing invalid ASN.1 data to the
LDAP service of Lotus Domino, in order to stop it.
A network attacker can thus create a denial of service.
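As an added illustration (not code from the advisory or from the vendor), the following Python check validates the BER envelope of an LDAPMessage before it would be passed to a directory service, rejecting truncated, oversized or indefinite-length encodings. The advisory does not say which ASN.1 malformation is involved; the function names, the 1 MiB limit and the sample bytes are assumptions constructed for this example.

```python
MAX_LEN = 1 << 20  # assumed policy limit (1 MiB), not a protocol value

class BERError(ValueError):
    """Raised for any malformed or disallowed BER encoding."""

def read_tlv(buf, pos, end):
    """Return (tag, value_start, value_end) of the TLV at pos, or raise BERError."""
    if pos + 2 > end:
        raise BERError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if tag & 0x1F == 0x1F:
        raise BERError("high-tag-number form (LDAP tags are all below 31)")
    if first < 0x80:            # short form
        length = first
    elif first == 0x80:         # indefinite form, which LDAP does not allow
        raise BERError("indefinite length")
    else:                       # long form: low 7 bits = count of length bytes
        n = first & 0x7F
        if n > 4 or pos + n > end:
            raise BERError("bad length-of-length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if length > MAX_LEN or pos + length > end:
        raise BERError("declared length exceeds available data")
    return tag, pos, pos + length

def check_ldap_message(buf):
    """Validate the outer LDAPMessage; return (message_id, protocol_op_tag)."""
    tag, start, end = read_tlv(buf, 0, len(buf))
    if tag != 0x30 or end != len(buf):
        raise BERError("not exactly one SEQUENCE")
    tag, vs, ve = read_tlv(buf, start, end)
    if tag != 0x02 or not 1 <= ve - vs <= 4 or buf[vs] & 0x80:
        raise BERError("messageID must be a non-negative 1-4 byte INTEGER")
    op_tag, _, _ = read_tlv(buf, ve, end)
    if op_tag & 0xC0 != 0x40:
        raise BERError("protocolOp must be APPLICATION class")
    return int.from_bytes(buf[vs:ve], "big"), op_tag

def is_well_formed(buf):
    try:
        return bool(check_ldap_message(buf))
    except BERError:
        return False

# Constructed samples: an anonymous simple bind, then three malformed envelopes
# (huge declared length, indefinite length, truncated message).
GOOD = bytes.fromhex("300c020101600702010304008000")
BAD = [bytes.fromhex("30847fffffff020101"),
       bytes.fromhex("308002010160000000"), GOOD[:-1]]
```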
CHARACTERISTICS
– Identifiers: BID-17669, VIGILANCE-VUL-9352
– URL: http://vigilance.fr/vulnerability/Domino-denial-of-service-via-LDAP-9352