CVE-2010-4592 Information

Description

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4 when HTTP Access Services (HTTP-AS) is enabled does not properly handle failed attempts at establishing HTTP-TCP sessions which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts.

Reference

http://secunia.com/advisories/42703 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ74588 http://www-01.ibm.com/support/docview.wss?uid=swg27020327