CVE-2006-0119

Severity

99%

Complexity

99%

Confidentiality

165%

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

IBM Lotus

First reported 19 years ago

2006-01-09 11:03:00

Last updated 6 years ago

2018-10-19 15:42:00

Affected Software

IBM Lotus Domino 6.5.0

6.5.0

IBM Lotus Domino 6.5.1

6.5.1

IBM Lotus Domino 6.5.2

6.5.2

IBM Lotus Domino 6.5.3

6.5.3

IBM Lotus Domino 6.5.4

6.5.4

IBM Lotus Domino Enterprise Server 6.5.2

6.5.2

IBM Lotus Domino Enterprise Server 6.5.4

6.5.4

IBM Lotus Notes 6.5

6.5

IBM Lotus Notes 6.5.1

6.5.1

IBM Lotus Notes 6.5.2

6.5.2

IBM Lotus Notes 6.5.3

6.5.3

IBM Lotus Notes 6.5.4

6.5.4

References

18328

Patch, Vendor Advisory

20855

Vendor Advisory

1016390

20060626 SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service

16158

Patch

18020

ADV-2006-0081

Vendor Advisory

ADV-2006-2564

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg27007054

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument&Highlight=0,JGAN6B6TZ3

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument&Highlight=0,HSAO6BNL6Y

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument&Highlight=0,GPKS6C9J67

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument&Highlight=0,KSPR699NBP

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument&Highlight=0,GPKS5YQGPT

http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument&Highlight=0,GPKS6C9J67

lotus-multiple-unspecified(24207)

lotus-web-unspecified-xss(24211)

domino-smtp-nrouter-dos(27413)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.