Lotus Domino SunRPC Denial of Service Vulnerability

Lotus Domino Server is an application framework for web based collaborative software. It runs on multiple platforms, and includes support for the popular Lotus Notes client software.

When Lotus Domino receives a SunRPC NULL command on port 443, the nhttp process crashes, effecting a DoS attack on the Domino server. The process must be restarted to regain normal functionality.

This affects Domino servers with the http task running and ssl enabled.


Privacy Statement
Copyright 2010, SecurityFocus