CVE-2010-4593 Information

Description

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.

Reference

http://secunia.com/advisories/42703 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ75012 http://www-01.ibm.com/support/docview.wss?uid=swg27020327