CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 0CVE-2003-0123
https://notcve.org/view.php?id=CVE-2003-0123
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. Desbordamiento de búfer en el cliente Web Retriever de Lotus Notes/Domino R4.5 a R.6 permite a servidores web remotos maliciosos causar una denegación de servicio (caída) mediante una línea de estado HTTP larga. • http://marc.info/?l=bugtraq&m=104757545500368&w=2 http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 http://www.cert.org/advisories/CA-2003-11.html http://www.ciac.org/ciac/bulletins/n-065.shtml http://www.kb.cert.org/vuls/id/411489 http://www.rapid7.com/advisories/R7-0011.html http://www.securityfocus.com/bid/7038 https://exchange.xforce.ibmcloud.com/vulnerabilities/11525 •
CVSS: 5.0EPSS: 3%CPEs: 14EXPL: 0CVE-2002-1624
https://notcve.org/view.php?id=CVE-2002-1624
Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters. • http://securitytracker.com/id?1004052 http://www.kb.cert.org/vuls/id/772563 http://www.securityfocus.com/bid/6646 https://exchange.xforce.ibmcloud.com/vulnerabilities/11058 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2CVE-2002-2014
https://notcve.org/view.php?id=CVE-2002-2014
Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. • http://archives.neohapsis.com/archives/bugtraq/2002-01/0373.html http://archives.neohapsis.com/archives/vuln-dev/2002-q1/0258.html http://www.iss.net/security_center/static/8038.php http://www.securityfocus.com/bid/3991 •
CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 0CVE-2002-2025
https://notcve.org/view.php?id=CVE-2002-2025
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0037.html http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/945e97608fda942a85256b37007905b1?OpenDocument&Highlight=0%2CJCHN547JWV http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/a77f8a5132cce70085256b8000792112?OpenDocument&Highlight=0%2CJCHN4UMKLA http://www.securityfocus.com/archive/1/253830 http://www.securityfocus.com/bid/4019 http://www.securityfocus.com/bid/4020 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2002-0037
https://notcve.org/view.php?id=CVE-2002-0037
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. Los servidores Lotus Domino 5.x, 4.6x y 4.5x permiten a atacantes evadir la lista acceso de autores y lectores de un objeto mediante una llamada a la API (interfaz de programación) de Notes que accede directamente al objeto. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0147.html http://archives.neohapsis.com/archives/bugtraq/2001-09/0150.html http://www.iss.net/security_center/static/10095.php http://www.kb.cert.org/vuls/id/657899 •