Potential Denial of Service Vulnerability During Notes Authentication

Technote (FAQ)


Ollie Whitehouse of Symantec reported a format string vulnerability during authentication to the Lotus Domino 6.x servers using the Notes protocol (NRPC). This vulnerability, if exploited by an attacker, could cause the server to crash, resulting in a Denial of Service.


This issue was reported to Quality Engineering and has been addressed in Domino 6.5.4 and 6.0.5. Customers should upgrade to address this potential vulnerability.

Excerpt from the Lotus Notes and Domino Release 6.5.4/6.0.5 MR fix list (available at http://www.ibm.com/developerworks/lotus):

    SPR# KSPR66BKN7 - Fixed a potential Denial of Service attack.

Rate this page:

(0 users)Average rating

Document information

More support for:

Lotus End of Support Products
Lotus Domino Server

Software version:

6.0, 6.5

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows, i5/OS, z/OS

Reference #:


Modified date:


Translate my page

Machine Translation

Content navigation