Vulnerabilities > CVE-2017-1129 - Unspecified vulnerability in IBM Expeditor and Inotes
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
Vulnerable Configurations
Exploit-Db
description IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit). CVE-2017-1129. Dos exploit for Multiple platform id EDB-ID:42969 last seen 2017-10-10 modified 2017-08-31 published 2017-08-31 reporter Exploit-DB source https://www.exploit-db.com/download/42969/ title IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit) description IBM Notes 8.5.x/9.0.x - Denial of Service. CVE-2017-1129. Dos exploit for Multiple platform file exploits/multiple/dos/42602.html id EDB-ID:42602 last seen 2017-09-03 modified 2017-09-02 platform multiple port published 2017-09-02 reporter Exploit-DB source https://www.exploit-db.com/download/42602/ title IBM Notes 8.5.x/9.0.x - Denial of Service type dos
Metasploit
description | This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If successful, it could cause the Notes client to hang and have to be restarted. |
id | MSF:AUXILIARY/DOS/HTTP/IBM_LOTUS_NOTES |
last seen | 2020-05-20 |
modified | 2020-05-12 |
published | 2017-09-23 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/ibm_lotus_notes.rb |
title | IBM Notes encodeURI DOS |
Packetstorm
data source https://packetstormsecurity.com/files/download/143981/ibmnotes89-dos.txt id PACKETSTORM:143981 last seen 2017-09-05 published 2017-09-02 reporter Dhiraj Mishra source https://packetstormsecurity.com/files/143981/IBM-Notes-8.5.x-9.0.x-Denial-Of-Service.html title IBM Notes 8.5.x / 9.0.x Denial Of Service data source https://packetstormsecurity.com/files/download/144547/ibmnotesencodeuri-dos.rb.txt id PACKETSTORM:144547 last seen 2017-10-11 published 2017-10-10 reporter Mishra Dhiraj source https://packetstormsecurity.com/files/144547/IBM-Notes-8.5-9.0-encodeURI-Denial-Of-Service.html title IBM Notes 8.5 / 9.0 encodeURI Denial Of Service
References
- http://www.ibm.com/support/docview.wss?uid=swg21999385
- http://www.ibm.com/support/docview.wss?uid=swg21999385
- http://www.ibm.com/support/docview.wss?uid=swg22002103
- http://www.ibm.com/support/docview.wss?uid=swg22002103
- https://exchange.xforce.ibmcloud.com/vulnerabilities/121370
- https://exchange.xforce.ibmcloud.com/vulnerabilities/121370
- https://www.exploit-db.com/exploits/42602/
- https://www.exploit-db.com/exploits/42602/