Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0121

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-0121
Last Modified 07 Mar 2011 09:29:22
Published 09 Jan 2006 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0121

Summary

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory.

Vulnerable Systems

Application

  • Ibm Lotus Domino 6.5.0

  • Ibm Lotus Domino 6.5.1

  • Ibm Lotus Domino 6.5.2

  • Ibm Lotus Domino 6.5.3

  • Ibm Lotus Domino 6.5.4

  • Ibm Lotus Domino Enterprise Server 6.5.2

  • Ibm Lotus Domino Enterprise Server 6.5.4

  • Ibm Lotus Notes 6.5

  • Ibm Lotus Notes 6.5.1

  • Ibm Lotus Notes 6.5.2

  • Ibm Lotus Notes 6.5.3

  • Ibm Lotus Notes 6.5.4


References

BID - 16158

SECUNIA - 18328

VUPEN - ADV-2006-0081

CONFIRM - http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument&Highlight=0,MKIN693QUT

CONFIRM - http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument&Highlight=0,MKIN67MQVW

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg27007054

XF - lotus-ssl-handshake-dos(24223)


Last Updated: 27 May 2016 10:41:32