There exists a DOS in the current version of Lotus Domino 5.08 and earlier. The DOS manifests itself on Lotus Domino servers with the http task running and ssl enabled. A connection to the victim on port 443 with the nmap '-sR' switch will target this port with SunRPC program NULL commands in an attempt to determine whether it is an RPC port, and if so, what program and version number it serves up. Our first attempt brought the domino test server down. Tests on other setups revealed the same behaviour. The task that crashes is the nhttp task. It takes down the whole server. the nmap command used: nmap -n -p 443 -sR www.vicitim.com Lotus has acknowledged the issue and the internal reference number is SPR # MALR4Y6RL8 The issue has been fixed in Lotus Domino 5.09 which is available from www.notes.net as an incremental upgrade. Thanks to Ninke Westra for discovering the issue and for the testing. regards, Hendrik-Jan Verheij http://redheat.org BWSS Phone +(31) 0570-665140 BWSS Fax +(31) 0570-665141 h.j.verheijat_private http://www.bwss.nl Business Wide Services and Solutions It was OK before you touched it !
This archive was generated by hypermail 2b30 : Fri Nov 30 2001 - 14:52:42 PST