Lotus Domino R5 Server DIIOP DoS Vulnerability

Lotus Domino R5 Server DIIOP DoS Vulnerability

A denial of service condition can be exploited on a host running Lotus Domino R5 Server.

DIIOP by default listens on port 63148. Making continuous and unusually large connection requests to port 63148, will invoke a DIIOP session. Each such connection request will launch a new DIIOP session. Eventually this process will cause CPU utilization to spike to 100% on the target host.