CVE-2010-4592

Name of the Vulnerable Software and Affected Versions IBM Lotus Mobile Connect versions prior to 6.1.4

Description The issue is related to the Mobile Network Connections functionality in the Connection Manager. When HTTP Access Services (HTTP-AS) is enabled, it does not properly handle failed attempts at establishing HTTP-TCP sessions. This allows remote attackers to cause a denial of service by making many TCP connection attempts, resulting in memory consumption and daemon crash.

Recommendations For versions prior to 6.1.4, update to version 6.1.4 or later to resolve the issue.