Details of VAR-200107-0019

ID

VAR-200107-0019

CVE

CVE-2001-1097

TITLE

Lotus Domino vulnerable to DoS via crafted unicode GET request

Trust: 0.8

sources: CERT/CC: VU#676552

DESCRIPTION

Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. DIIOP by default listens on port 63148. Making continuous and unusually large connection requests to port 63148, will invoke a DIIOP session. Each such connection request will launch a new DIIOP session. Eventually this process will cause CPU utilization to spike to 100% on the target host. A potential denial of service condition may exist in Cisco's IOS firmware. The problem reportedly occurs when a large number of UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful

Trust: 3.69

sources: NVD: CVE-2001-1097 // CERT/CC: VU#676552 // CERT/CC: VU#642760 // CERT/CC: VU#555464 // BID: 2599 // BID: 3096 // VULHUB: VHN-3902

AFFECTED PRODUCTS

vendor:	lotus	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 1.9
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 1.9
vendor:	cisco	model:	ios	scope:	eq	version:	12.0	Trust: 1.9
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(3\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(2\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(7\)t	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(5\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(6\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(1\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.0\(4\)	Trust: 1.6
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	lotus	model:	domino	scope:	ne	version:	5.0.7	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.7	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.6	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.5	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.4	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.3	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0.1	Trust: 0.3
vendor:	cisco	model:	ios 12.0 t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0(5)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0(3)	Trust: 0.3

sources: CERT/CC: VU#676552 // CERT/CC: VU#642760 // CERT/CC: VU#555464 // BID: 2599 // BID: 3096 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-1097
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#676552
value:	10.50
Trust: 0.8
CARNEGIE MELLON:	VU#642760
value:	10.50
Trust: 0.8
CARNEGIE MELLON:	VU#555464
value:	4.25
Trust: 0.8
CNNVD:	CNNVD-200107-173
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-3902
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2001-1097
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-3902
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#676552 // CERT/CC: VU#642760 // CERT/CC: VU#555464 // VULHUB: VHN-3902 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1097

THREAT TYPE

network

Trust: 0.6

sources: BID: 2599 // BID: 3096

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200107-173

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-3902

EXTERNAL IDS

db:	NVD	id:	CVE-2001-1097	Trust: 2.0
db:	BID	id:	3096	Trust: 2.0
db:	BID	id:	2599	Trust: 1.1
db:	BID	id:	2571	Trust: 0.8
db:	XF	id:	6349	Trust: 0.8
db:	CERT/CC	id:	VU#676552	Trust: 0.8
db:	BID	id:	2598	Trust: 0.8
db:	XF	id:	6351	Trust: 0.8
db:	CERT/CC	id:	VU#642760	Trust: 0.8
db:	XF	id:	6350	Trust: 0.8
db:	CERT/CC	id:	VU#555464	Trust: 0.8
db:	CNNVD	id:	CNNVD-200107-173	Trust: 0.7
db:	XF	id:	6913	Trust: 0.6
db:	XF	id:	6319	Trust: 0.6
db:	BUGTRAQ	id:	20010724 UDP PACKET HANDLING WEIRD BEHAVIOUR OF VARIOUS OPERATING SYSTEMS	Trust: 0.6
db:	BUGTRAQ	id:	20010811 RE: UDP PACKET HANDLING WEIRD BEHAVIOUR OF VARIOUS OPERATING SYSTEMS	Trust: 0.6
db:	EXPLOIT-DB	id:	21028	Trust: 0.1
db:	SEEBUG	id:	SSVID-74875	Trust: 0.1
db:	VULHUB	id:	VHN-3902	Trust: 0.1

sources: CERT/CC: VU#676552 // CERT/CC: VU#642760 // CERT/CC: VU#555464 // VULHUB: VHN-3902 // BID: 2599 // BID: 3096 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

REFERENCES

url:	http://www.securityfocus.com/bid/3096	Trust: 2.7
url:	http://www.securityfocus.com/archive/1/199558	Trust: 2.7
url:	http://www.securityfocus.com/advisories/3208	Trust: 2.4
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/6913	Trust: 2.1
url:	http://marc.info/?l=bugtraq&m=99749327219189&w=2	Trust: 2.0
url:	http://www.securityfocus.com/bid/2571	Trust: 0.8
url:	http://xforce.iss.net/static/6349.php	Trust: 0.8
url:	http://www.securityfocus.com/bid/2598	Trust: 0.8
url:	http://xforce.iss.net/static/6351.php	Trust: 0.8
url:	http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c?openview&start=3.111&count=30&expand=3.126#3.126	Trust: 0.8
url:	http://www.securityfocus.com/bid/2599	Trust: 0.8
url:	http://xforce.iss.net/static/6350.php	Trust: 0.8
url:	http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/59719a1dd92c03e385256a4d0073766b?opendocument	Trust: 0.8
url:	http://xforce.iss.net/static/6913.php	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=99749327219189&w=2	Trust: 0.6
url:	http://www.lotus.com/home.nsf/welcome/domino	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/sec_incident_response.shtml	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=99749327219189&w=2	Trust: 0.1

sources: CERT/CC: VU#676552 // CERT/CC: VU#642760 // CERT/CC: VU#555464 // VULHUB: VHN-3902 // BID: 2599 // BID: 3096 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

CREDITS

Discovered and posted to Bugtraq by <peter.grundl@defcom.com> on April 11, 2001.

Trust: 0.3

sources: BID: 2599

SOURCES

db:	CERT/CC	id:	VU#676552
db:	CERT/CC	id:	VU#642760
db:	CERT/CC	id:	VU#555464
db:	VULHUB	id:	VHN-3902
db:	BID	id:	2599
db:	BID	id:	3096
db:	CNNVD	id:	CNNVD-200107-173
db:	NVD	id:	CVE-2001-1097

LAST UPDATE DATE

2024-11-23T19:30:14.077000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#676552	date:	2001-07-26T00:00:00
db:	CERT/CC	id:	VU#642760	date:	2001-07-17T00:00:00
db:	CERT/CC	id:	VU#555464	date:	2001-07-17T00:00:00
db:	VULHUB	id:	VHN-3902	date:	2017-12-19T00:00:00
db:	BID	id:	2599	date:	2001-04-11T00:00:00
db:	BID	id:	3096	date:	2015-03-19T08:49:00
db:	CNNVD	id:	CNNVD-200107-173	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2001-1097	date:	2024-11-20T23:36:52.160

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#676552	date:	2001-07-23T00:00:00
db:	CERT/CC	id:	VU#642760	date:	2001-07-12T00:00:00
db:	CERT/CC	id:	VU#555464	date:	2001-07-12T00:00:00
db:	VULHUB	id:	VHN-3902	date:	2001-07-24T00:00:00
db:	BID	id:	2599	date:	2001-04-11T00:00:00
db:	BID	id:	3096	date:	2001-07-25T00:00:00
db:	CNNVD	id:	CNNVD-200107-173	date:	2001-07-24T00:00:00
db:	NVD	id:	CVE-2001-1097	date:	2001-07-24T04:00:00