Sign-up

ID

VAR-200107-0019


CVE

CVE-2001-1097


TITLE

Lotus Domino vulnerable to DoS via many large connects sent to 63148/TCP

Trust: 0.8

sources: CERT/CC: VU#555464

DESCRIPTION

Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. "The Bat!" is an MUA for Windows by Rit Research Labs. "The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop. As a result, the user will remain unable to receive new email messages from the affected POP3 account. A potential denial of service condition may exist in Cisco's IOS firmware. The problem reportedly occurs when a large number of UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful

Trust: 2.97

sources: NVD: CVE-2001-1097 // CERT/CC: VU#555464 // CERT/CC: VU#310816 // BID: 2636 // BID: 3096 // VULHUB: VHN-3902

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:12.0

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:12.0\(3\)

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(2\)

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(7\)t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(5\)

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(6\)

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(1\)

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0\(4\)

Trust: 1.6

vendor:lotusmodel: - scope: - version: -

Trust: 0.8

vendor:ritmodel: - scope: - version: -

Trust: 0.8

vendor:ritmodel:research labs the bat!scope:eqversion:1.101

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.51

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.49

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.48

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.47

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.46

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.45

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.44

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.43

Trust: 0.3

vendor:ritmodel:research labs the bat! fscope:eqversion:1.42

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.42

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.41

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.39

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.36

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.35

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.34

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.33

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.32

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.31

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.22

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.21

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.19

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.18

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.17

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.15

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.14

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.5

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.1

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.043

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.041

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.039

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.036

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.035

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.032

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.031

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.029

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.028

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.015

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:eqversion:1.011

Trust: 0.3

vendor:ritmodel:research labs the bat!scope:neversion:1.52

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.7

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.6

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.5

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.4

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.3

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.2

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0.1

Trust: 0.3

vendor:ciscomodel:ios 12.0 tscope: - version: -

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0(5)

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0(3)

Trust: 0.3

sources: CERT/CC: VU#555464 // CERT/CC: VU#310816 // BID: 2636 // BID: 3096 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-1097
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#555464
value: 4.25

Trust: 0.8

CARNEGIE MELLON: VU#310816
value: 1.62

Trust: 0.8

CNNVD: CNNVD-200107-173
value: MEDIUM

Trust: 0.6

VULHUB: VHN-3902
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2001-1097
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-3902
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#555464 // CERT/CC: VU#310816 // VULHUB: VHN-3902 // CNNVD: CNNVD-200107-173 // NVD: CVE-2001-1097

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1097

THREAT TYPE

network

Trust: 0.6

sources: BID: 2636 // BID: 3096

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.6

sources: BID: 2636 // BID: 3096

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-3902

EXTERNAL IDS
db:NVDid:CVE-2001-1097
Trust: 2.0
db:BIDid:3096
Trust: 2.0
db:BIDid:2636
Trust: 1.1
db:BIDid:2599
Trust: 0.8
db:XFid:6350
Trust: 0.8
db:CERT/CCid:VU#555464
Trust: 0.8
db:XFid:6423
Trust: 0.8
db:CERT/CCid:VU#310816
Trust: 0.8
db:CNNVDid:CNNVD-200107-173
Trust: 0.7
db:XFid:6913
Trust: 0.6
db:XFid:6319
Trust: 0.6
db:BUGTRAQid:20010724 UDP PACKET HANDLING WEIRD BEHAVIOUR OF VARIOUS OPERATING SYSTEMS
Trust: 0.6
db:BUGTRAQid:20010811 RE: UDP PACKET HANDLING WEIRD BEHAVIOUR OF VARIOUS OPERATING SYSTEMS
Trust: 0.6
db:EXPLOIT-DBid:21028
Trust: 0.1
db:SEEBUGid:SSVID-74875
Trust: 0.1
db:VULHUBid:VHN-3902
Trust: 0.1
sources:
            
            
            CERT/CC: VU#555464 // 
            
            
            
            CERT/CC: VU#310816 // 
            
            
            
            VULHUB: VHN-3902 // 
            
            
            
            BID: 2636 // 
            
            
            
            BID: 3096 // 
            
            
            
            CNNVD: CNNVD-200107-173 // 
            
            
            
            NVD: CVE-2001-1097

REFERENCES
url:http://www.securityfocus.com/bid/3096
Trust: 1.7
url:http://www.securityfocus.com/archive/1/199558
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/6913
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=99749327219189&w=2
Trust: 1.0
url:http://www.securityfocus.com/bid/2599
Trust: 0.8
url:http://www.securityfocus.com/advisories/3208
Trust: 0.8
url:http://xforce.iss.net/static/6350.php
Trust: 0.8
url:http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/59719a1dd92c03e385256a4d0073766b?opendocument
Trust: 0.8
url:http://www.securityfocus.com/bid/2636
Trust: 0.8
url:http://www.ritlabs.com/the_bat/index.html
Trust: 0.8
url:http://www.security.nnov.ru/search/news.asp?binid=1136
Trust: 0.8
url:http://xforce.iss.net/static/6423.php
Trust: 0.8
url:http://xforce.iss.net/static/6913.php
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=99749327219189&w=2
Trust: 0.6
url:http://www.thebat.net
Trust: 0.3
url:http://www.cisco.com/warp/public/707/sec_incident_response.shtml
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=99749327219189&w=2
Trust: 0.1
sources:
            
            
            CERT/CC: VU#555464 // 
            
            
            
            CERT/CC: VU#310816 // 
            
            
            
            VULHUB: VHN-3902 // 
            
            
            
            BID: 2636 // 
            
            
            
            BID: 3096 // 
            
            
            
            CNNVD: CNNVD-200107-173 // 
            
            
            
            NVD: CVE-2001-1097

CREDITS
Reported to bugtraq by 3APA3A <3APA3A@SECURITY.NNOV.RU> on Wed, 18 Apr, 2001.
Trust: 0.3
sources:
            
            
            BID: 2636

SOURCES
db:CERT/CCid:VU#555464
db:CERT/CCid:VU#310816
db:VULHUBid:VHN-3902
db:BIDid:2636
db:BIDid:3096
db:CNNVDid:CNNVD-200107-173
db:NVDid:CVE-2001-1097

LAST UPDATE DATE
2026-04-18T21:06:27.602000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#555464date:2001-07-17T00:00:00
db:CERT/CCid:VU#310816date:2001-08-30T00:00:00
db:VULHUBid:VHN-3902date:2017-12-19T00:00:00
db:BIDid:2636date:2001-04-18T00:00:00
db:BIDid:3096date:2015-03-19T08:49:00
db:CNNVDid:CNNVD-200107-173date:2005-10-20T00:00:00
db:NVDid:CVE-2001-1097date:2026-04-16T00:27:16.627

SOURCES RELEASE DATE
db:CERT/CCid:VU#555464date:2001-07-12T00:00:00
db:CERT/CCid:VU#310816date:2001-06-01T00:00:00
db:VULHUBid:VHN-3902date:2001-07-24T00:00:00
db:BIDid:2636date:2001-04-18T00:00:00
db:BIDid:3096date:2001-07-25T00:00:00
db:CNNVDid:CNNVD-200107-173date:2001-07-24T00:00:00
db:NVDid:CVE-2001-1097date:2001-07-24T04:00:00