← back
CVE-2005-0986

CVE-2005-0986

EPSS 7.0%
NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, 6.0.3, and possibly other versions allows remote attackers to cause a denial of service (deep recursion and nHTTP.exe process crash) via a long GET request containing UNICODE decimal value 430 characters, which causes the stack to be exhausted. NOTE: IBM has reported that it is unable to replicate this issue.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/25353unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://news.zdnet.co.uk/software/applications/0%2C39020384%2C39194293%2C00.htmhttp://secunia.com/advisories/14858http://www-1.ibm.com/support/docview.wss?uid=swg21202446http://www.idefense.com/application/poi/display?id=224&type=vulnerabilitieshttp://www.vupen.com/english/advisories/2005/0322