Vulnerabilities > CVE-2017-1129 - Unspecified vulnerability in IBM Expeditor and Inotes

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
ibm
exploit available
metasploit

Summary

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.

Exploit-Db

  • descriptionIBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit). CVE-2017-1129. Dos exploit for Multiple platform
    idEDB-ID:42969
    last seen2017-10-10
    modified2017-08-31
    published2017-08-31
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/42969/
    titleIBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)
  • descriptionIBM Notes 8.5.x/9.0.x - Denial of Service. CVE-2017-1129. Dos exploit for Multiple platform
    fileexploits/multiple/dos/42602.html
    idEDB-ID:42602
    last seen2017-09-03
    modified2017-09-02
    platformmultiple
    port
    published2017-09-02
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/42602/
    titleIBM Notes 8.5.x/9.0.x - Denial of Service
    typedos

Metasploit

descriptionThis module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If successful, it could cause the Notes client to hang and have to be restarted.
idMSF:AUXILIARY/DOS/HTTP/IBM_LOTUS_NOTES
last seen2020-05-20
modified2020-05-12
published2017-09-23
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/ibm_lotus_notes.rb
titleIBM Notes encodeURI DOS

Packetstorm