CVE-2005-0986 Information

Description

NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1 6.0.3 and possibly other versions allows remote attackers to cause a denial of service (deep recursion and nHTTP.exe process crash) via a long GET request containing UNICODE decimal value 430 characters which causes the stack to be exhausted. NOTE: IBM has reported that it is unable to replicate this issue.

Reference

http://news.zdnet.co.uk/software/applications/0390203843919429300.htm http://secunia.com/advisories/14858 http://www.idefense.com/application/poi/display?id=224&type=vulnerabilities http://www.vupen.com/english/advisories/2005/0322 http://www-1.ibm.com/support/docview.wss?uid=swg21202446