PT-2001-1237 · Ibm · Lotus Domino Smtp Server

Published

2001-08-20

Updated

2017-10-10

CVE-2000-1203

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Lotus Domino SMTP server versions 4.63 through 5.08

Description: The issue allows remote attackers to cause a denial of service by consuming CPU resources. This is achieved by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes the server to enter a mail loop.

Recommendations: For versions 4.63 through 5.08, consider restricting access to the SMTP server to prevent forged email messages, and implement measures to detect and prevent mail loops.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1203

Affected Products

Lotus Domino Smtp Server

PT-2001-1237 · Ibm · Lotus Domino Smtp Server

CVE-2000-1203

Related Identifiers

Affected Products

References · 7