DoS against Domino 6.5.1Jun 30 2004 07:09PM Andreas Klein (Andreas C Klein physik uni-wuerzburg de) (1 replies)
Hello,
this problem has been reported to IBM Lotus customer support
(PMR 37321,999,724) on Feb 16, 2004 and was reproduced by them.
Affected versions:
Domino 6.5.1 and newer on Linux (other platforms not tested by me, but
Domino 6.5.1 on Windows has been found to be vulnerable too by IBM
support)
Abstract:
Opening certain mails via Domino Web Access leads to a crash of the whole
Domino-server.
Detailed description:
Open your favourite mail-program (eg. pine) and write a message to a
person reading his mail via Domino Web Access (formerly known as
iNotes) with the following message content:
(just paste all the lines below into the body of the mail)
--- snip here; do not paste this line --
Content-Disposition: Attachment; filename="PC210017.JPG"
Content-Type: image/jpeg;
Name="PC210017.JPG"
Content-Transfer-Encoding: Base64
[Add here some megabytes of data. 1kB is not enough, but 12MB was
sufficient in all my tests]
--- snip here; do not pste this line ---
As soon as the recipient opens the mail in Domino Web Access, the whole
Domino server will go down.
Solution:
There is no solution provided by IBM and they are not planning to fix the
problem. The proposed workaround is to limit the maximum message-size or
to disable the web-access.
Hello,
this problem has been reported to IBM Lotus customer support
(PMR 37321,999,724) on Feb 16, 2004 and was reproduced by them.
Affected versions:
Domino 6.5.1 and newer on Linux (other platforms not tested by me, but
Domino 6.5.1 on Windows has been found to be vulnerable too by IBM
support)
Abstract:
Opening certain mails via Domino Web Access leads to a crash of the whole
Domino-server.
Detailed description:
Open your favourite mail-program (eg. pine) and write a message to a
person reading his mail via Domino Web Access (formerly known as
iNotes) with the following message content:
(just paste all the lines below into the body of the mail)
--- snip here; do not paste this line --
Content-Disposition: Attachment; filename="PC210017.JPG"
Content-Type: image/jpeg;
Name="PC210017.JPG"
Content-Transfer-Encoding: Base64
/9j/4Re0RXhpZgAASUkqAAgAAAALAA4BAgAgAAAAkgAAAA8BAgAYAAAAsgAAABABAgAMAAAA
ygAAABIBAwABAAAAAQAAABoBBQABAAAA2AAAABsBBQABAAAA4AAAACgBAwABAAAAAgAAADEB
AgAJAAAA6AAAADIBAgAUAAAACAEAABMCAwABAAAAAgAAAGmHBAABAAAAHAEAAAADAABPTFlN
[Add here some megabytes of data. 1kB is not enough, but 12MB was
sufficient in all my tests]
--- snip here; do not pste this line ---
As soon as the recipient opens the mail in Domino Web Access, the whole
Domino server will go down.
Solution:
There is no solution provided by IBM and they are not planning to fix the
problem. The proposed workaround is to limit the maximum message-size or
to disable the web-access.
[ reply ]