Skip to main content

Software  >  Lotus  >  

Potential Denial of Service vulnerability in Domino LDAP server task
 Technote (troubleshooting)
 
 
Problem
A specially crafted bind request sent to the LDAP server port can result in a Lotus Domino server crash. If successfully exploited, this vulnerability allows an unauthenticated remote attacker to crash the LDAP service preventing legitimate usage.
 
Symptom
This issue was reported to IBM Lotus by iDEFENSE. The advisory address is as follows:

IDEF 1173: Lotus Domino LDAP Server Bind Command DoS
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=389



This issue results in the following stack trace in the NSD:

##################################################
### FATAL THREAD 9/11 [ nLDAP:2b74:1738]
### FP=0x054efc2c, PC=0x0040cbaf, SP=0x054ef7c8, stksize=1124
### EAX=0x00000000, EBX=0x055f20f4, ECX=0x00000000, EDX=0x04b814f4
### ESI=0x04b814a1, EDI=0x054efbc9, CS=0x0000001b, SS=0x00000023
### DS=0x00000023, ES=0x00000023, FS=0x0000003b, GS=0x00000000 Flags=0x00010246
Exception code: c0000005 (ACCESS_VIOLATION)
##################################################
@[ 1] 0x0040cbaf nLDAP.CLDAPProtocol::StateBind+463 (0,8f56e0,8f56d8,8f0000)
@[ 2] 0x00404581 nLDAP.CLDAPProtocol::Run+1121 (4ccfcf4,0,447e48,3a889bc)
@[ 3] 0x0042a755 nLDAP.CBaseTask::StateMachine+373 (8f56d8,3a889a0,447e48,3a889bc)
@[ 4] 0x004033b2 nLDAP.CLDAPSrv::OnConnect+194 (447e48,3a889bc,8400001,3a889a0)
@[ 5] 0x00426f1c nLDAP.CIServ::ServerTaskProtocolMachine+268 (447e48,3a889a0,3,0)
@[ 6] 0x0042677c nLDAP.CIServ::ServerTaskIOCP+1052 (0,0,60115334,0)
@[ 7] 0x00425bed nLDAP._ServerThread@4+29 (0,0,0,0)
[ 8] 0x77e66063 KERNEL32.GetModuleFileNameA+235

 
Resolving the problem
This issue was reported to IBM Lotus Quality Engineering as SPR# JBUD6FMQST and fixed in Domino 6.5.4 FP2, Domino 6.5.5, and Domino 7.0.1.
Refer to the Upgrade Central site for details on upgrading Notes/Domino.

A workaround for previous releases is to limit access to TCP port 389 on the LDAP server to only allow trusted hosts to connect.

NOTE: This issue does not affect Domino servers that are not running the LDAP server task.
 
 
 

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Rate this page
Please take a moment to complete this form to help us better serve you.
This material provides me with the information I need.




This material is clear and easy to understand.




Did the information help you to achieve your goal?
What updates, improvements, or related information would you like to see in this document?
Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.
Input the verification number to submit feedback:
Document information
 Product categories:
 Software
 Messaging Applications
 Advanced Messaging
 Lotus Domino
 Lotus Domino Server
 Operating system(s):
  AIX, IBM i, Linux, Solaris, Windows, i5/OS, z/OS
 Software version:
  6.0, 6.5, 7.0
 Reference #:
  1229907
 IBM Group:
 Software Group
 Modified date:
 2009-01-07

Translate My Page
 
 

Rate this page

Help us improve this page. Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.