Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lotus_domino_server | Ibm | 4.6.1 (including) | 4.6.1 (including) |
| Lotus_domino_server | Ibm | 4.6.3 (including) | 4.6.3 (including) |
| Lotus_domino_server | Ibm | 4.6.4 (including) | 4.6.4 (including) |
| Lotus_domino_server | Ibm | 5.0 (including) | 5.0 (including) |
| Lotus_domino_server | Ibm | 5.0.1 (including) | 5.0.1 (including) |
| Lotus_domino_server | Ibm | 5.0.2 (including) | 5.0.2 (including) |
| Lotus_domino_server | Ibm | 5.0.3 (including) | 5.0.3 (including) |
| Lotus_domino_server | Ibm | 5.0.4 (including) | 5.0.4 (including) |
| Lotus_domino_server | Ibm | 5.0.5 (including) | 5.0.5 (including) |
| Lotus_domino_server | Ibm | 5.0.6 (including) | 5.0.6 (including) |
| Lotus_domino_server | Ibm | 5.0.7 (including) | 5.0.7 (including) |
| Lotus_domino_server | Ibm | 5.0.7a (including) | 5.0.7a (including) |
| Lotus_domino_server | Ibm | 5.0.8 (including) | 5.0.8 (including) |
| Lotus_domino_server | Ibm | 5.0.9 (including) | 5.0.9 (including) |