Home page logo

bugtraq logo Bugtraq mailing list archives

WORKAROUND: Lotus Domino 5.0.5 Web Server vulnerability
From: Leonardo Rodrigues <coelho () PERSOGO COM BR>
Date: Tue, 9 Jan 2001 10:56:47 -0300

        Well, as Lotus haven't released a fix for the *confirmed* bug, we
get a workaround. Adding the following line:

map */../* /something.nsf

        at httpd.conf, seems to handle the bug. You should notice that
EVERYTHING using ../ links will stop working too, including the bug !

        We tested this on NT4 sp6a and Domino 5.0.5, and we COULDN'T get
the bug working after those lines were added.

        As we couldn't reproduce the bug on Linux Domino servers, and
seems that nobody could, we don't think adding those lines on Linux
httpd.conf servers is necessary.

        Leonardo Rodrigues
        Solution Web ( http://www.solutionweb.com.br )

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]