Vulnerabilities > CVE-2003-0181 - Unspecified vulnerability in IBM Lotus Domino web Server 6.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
ibm
nessus
NVD
Published: 2003-04-02
Updated: 2024-11-20

Summary

Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Nessus

NASL familyWeb Servers
NASL idWWW_TOO_LONG_HEADER11.NASL
descriptionIt was possible to kill the web server by sending an invalid request with a too long HTTP 1.1 header (Accept-Encoding, Accept-Language, Accept-Range, Connection, Expect, If-Match, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, TE, Host). This vulnerability could be exploited to crash the web server. It might even be possible to execute arbitrary code on your system. ** As this is a generic test, it is not possible to know if the impact ** is limited to a denial of service.
last seen2020-06-01
modified2020-06-02
plugin id11129
published2002-09-21
reporterThis script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11129
titleWeb Server HTTP 1.1 Header Remote Overflow

References